Mirai Botnet Hacks TBK DVRs Using Injection Flaw

A newly discovered strain of the Mirai botnet malware is targeting TBK DVR-4104 and DVR-4216 digital video recorders by exploiting a command injection vulnerability, according to cybersecurity researchers. The flaw allows attackers to remotely execute malicious code on vulnerable devices, effectively hijacking them and adding them to the Mirai botnet network.

The malware variant leverages the security weakness to gain control over the DVR systems, which are commonly used for surveillance purposes. Once compromised, the devices can be used to launch distributed denial-of-service (DDoS) attacks or carry out other malicious operations at scale.

The attack highlights ongoing concerns about the security of internet-connected devices, particularly those used in critical monitoring and recording roles. The Mirai malware family, first observed in previous large-scale attacks, continues to evolve, using newly discovered vulnerabilities to expand its reach. Organizations relying on affected TBK DVRs are urged to assess their systems for potential exposure and apply necessary mitigations.