uTalk

thrive

Member

Registered: 2023-01-04

Posts: 1,985

Realtek Vulnerability Attack: Over 134 Million Attempts to Hack

Researchers are warning about a spike in exploitation attempts weaponizing a critical remote code execution flaw in Realtek Jungle SDK since the start of August 2022.

According to Palo Alto Networks Unit 42, the ongoing campaign is said to have recorded 134 million exploit attempts as of December 2022, with 97% of the attacks occurring in the past four months.

Close to 50% of the attacks originated from the U.S. (48.3%), followed by Vietnam (17.8%), Russia (14.6%), The Netherlands (7.4%), France (6.4%), Germany (2.3%0, and Luxembourg (1.6%).

What's more, 95% of the attacks leveraging the security shortcoming that emanated from Russia singled out organizations in Australia.

"Many of the attacks we observed tried to deliver malware to infect vulnerable IoT devices," Unit 42 researchers said in a report, adding "threat groups are using this vulnerability to carry out large-scale attacks on smart devices around the world."

The vulnerability in question is CVE-2021-35394 (CVSS score: 9.8), a set of buffer overflows and an arbitrary command injection bug that could be weaponized to execute arbitrary code with the highest level of privilege and take over affected appliances.

The issues were disclosed by ONEKEY (previously IoT Inspector) in August 2021. The vulnerability impacts a wide range of devices from D-Link, LG, Belkin, Belkin, ASUS, and NETGEAR.