Nexcorium Mirai Variant Exploits TBK DVR Flaw to Launch DDoS Attacks

A Mirai variant named Nexcorium is exploiting a vulnerability in TBK DVRs to compromise devices and enlist them in DDoS attacks, alongside targeting outdated TP-Link routers. Fortinet researchers identified that threat actors are leveraging flaws in these devices to propagate the Nexcorium malware. The campaign specifically abuses unpatched TBK DVR systems and end-of-life TP-Link routers, which lack security updates. No specific CVE IDs, dates, or technical details about the exploited vulnerabilities were disclosed in the report. The primary impact involves the hijacking of IoT devices to amplify botnet-driven DDoS attacks.