RondoDox botnet targets 56 n-day flaws in worldwide attacks www.bleepingcomputer.com/news/secu…

A new large-scale botnet called RondoDox is targeting 56 vulnerabilities in more than 30 distinct devices, including flaws first disclosed during Pwn2Own hacking competitions.

The attacker focuses on a wide range of exposed devices, including DVRs, NVRs, CCTV systems, and web servers and have been active since June. The RondoDox botnet leverages what Trend Micro researchers call an “exploit shotgun” strategy, where numerous exploits are used simultaneously to maximize the infections, even if the activity is very noisy.

Since FortiGuard Labs discovered RondoDox, the botnet appears to have expanded the list of exploited vulnerabilities, which included CVE-2024-3721 and CVE-2024-12856. The security researchers note that the botnet developer pay close attention to exploits demonstrated during Pwn2Own events, and move quickly to weaponize them, as Mirai did with CVE-2023-1389 in 2023.