Mirai Botnet Targets Flaw in Discontinued D-Link Routers

Cyber

04/22/2026

Mirai operators exploit old D‑Link flaw to grow botnet.

Akamai says a Mirai botnet is exploiting a command injection bug in discontinued D‑Link DIR‑823X routers, using crafted POST requests that mirror a proof‑of‑concept published last year. The attacks download a payload with typical Mirai traits, including XOR encoding and a hardcoded downloader address. D‑Link stopped supporting the affected firmware versions in 2025 and has urged users to retire the devices. Akamai notes the same actor is probing TP‑Link and ZTE flaws as Mirai variants continue to spread due to low barriers to entry and reused source code.

https://www.securityweek.com/mirai-botnet-targets-flaw-in-discontinued-d-link-routers/

Tagged: botnet Flaw Routers

Subscribe Sign In

Related Posts