Mirai-Based Botnets Resurface: IoT Vulnerabilities and Global Cyber Threats Surge in 2025

Mirai-Based Malware Resurfaces with New IoT Campaign

Mirai-based ShadowV2 botnet resurfaces, exploiting 7 IoT vulnerabilities during AWS outage (Fortinet, 2025). Attackers tested the campaign by infecting devices with CVE-2024-10914 and others, preparing for future DDoS attacks.

Why This Matters

IoT devices remain a weak link in cybersecurity, with ShadowV2’s evolution reflecting a strategic shift toward targeting them. The botnet’s ability to weaponize flaws like CVE-2024-10914 (D-Link) and CVE-2024-53375 (TP-Link) highlights the scale of risks: unpatched devices could be recruited into massive botnets, costing enterprises millions in downtime and reputational damage.

Key Insights

• “Mirai-based ShadowV2 botnet exploits 7 IoT vulnerabilities (Fortinet, 2025)”
• “Russia-linked hackers abuse MSC flaw for stealthy infection (Zscaler, 2025)”
• “Microsoft links 13M phishing emails to top PhaaS operation (Microsoft, 2025)“

Practical Applications

• Use Case: IoT device manufacturers must patch CVE-2024-10914 to prevent botnet recruitment.
• Pitfall: Ignoring legacy NTLM protocols leaves enterprises vulnerable to credential theft (Kaspersky, 2025).

References:

• https://thehackernews.com/2025/11/threatsday-bulletin-ai-malware-voice.html