Hackers Actively Exploit EoL GeoVision IoT Devices for Mirai Botnet DDoS Attacks

Hackers are actively exploiting security vulnerabilities in end-of-life (EoL) IoT devices from GeoVision to integrate them into a Mirai botnet and conduct distributed denial-of-service (DDoS) attacks. This activity was first observed by the Akamai Security Intelligence and Response Team (SIRT) in early April 2025. The attackers are exploiting two commands of the operating system.