New C0XMO Botnet Variant Targets DD-WRT Routers and Eliminates Rival Malware

A new variant of the Gafgyt botnet, named C0XMO, is actively targeting routers running DD-WRT firmware by exploiting an undisclosed vulnerability. The malware can propagate to devices with multiple CPU architectures, expanding its reach beyond initial infection points. C0XMO is designed to terminate rival malware on compromised systems, consolidating control over infected devices. The botnet’s primary impact includes unauthorized access, potential lateral movement within networks, and disruption of competing malicious operations. No specific CVE ID, infection numbers, or exact dates were provided in the reported findings.