"New SOHO Router Botnet AVrecon Spreads to 70,000 Devices Across 20 Countries"

A new strain of malware has been targeting small office/home office (SOHO) routers covertly for over two years, infiltrating more than 70,000 devices and creating a botnet with 40,000 nodes across 20 countries. The malware has been dubbed AVrecon by Lumen Black Lotus Labs, making it the third strain to target SOHO routers over the past year after ZuoRAT and HiatusRAT. According to the company, AVrecon is one of the largest SOHO router-targeting botnets ever. The campaign's objective appears to be the creation of a covert network to facilitate various criminal activities, including password spraying and digital advertising fraud. The US and the US account for most infections, followed by Argentina, Nigeria, Brazil, Italy, Bangladesh, Vietnam, India, Russia, and South Africa. This article continues to discuss the AVrecon malware behind one of the largest SOHO router-targeting botnets. 

THN reports "New SOHO Router Botnet AVrecon Spreads to 70,000 Devices Across 20 Countries"