Dec 06, 2021: FortiGuard Labs posted a blog about MooBot Malware analyzing how Moobot targets Hikvision Camera vulnerability. April 12, 2022: FortiGuard Labs posted a blog about Enemybot Malware and how it targets various router vulnerabilities such as Netgear, D-Link etc. Jan 27, 2022: FortiGuard Labs released a Threat Signal on BotenaGo Malware which targets multiple IoT devices. Dec 27, 2022: FortiGuard Labs released an Outbreak Alert about Zerobot Malware which spreads primarily through IoT and web application vulnerabilities. Please go to Additional Resources section for links to blog posts, threat signal and outbreak alert mentioned above.

In Jan, 2023: FortiGuard Labs observed severe IPS detections (peak of up-to 50,000 unique IPS devices) and associated malware activity exploiting older router vulnerabilities. In particular, MooBot and Enemybot Malware targeting D-Link routers (CVE-2015-2051) and Lucifer Malware, BotenaGo Botnet and Zerobot Malware exploiting vulnerabilities on unpatched Dasan GPON home routers (CVE-2018-10562, CVE-2018-10561). FortiGuard Labs recommends upgrading the vulnerable routers to latest firmware and discontinue using end-of-life products if still in use. FortiGuard labs has already released multiple IPS and AV protections to block such attack attempts for our customers.

In June 2023: FortiGuard observed upto 18,000+ IPS devices that blocked attack attempts affecting some Zyxel CPE models. Zyxel has released firmware updates for RCE and DoS vulnerabilities which does not have assigned CVE number as of now. FortiGuard Labs also observed CVE-2023-26801, a vulnerability affecting LB-LINK devices targeted by the attackers and we see IPS detections of upto 5000+ devices. With popularity of `Work from Anywhere`, company`s employees can get compromised easily if they are using vulnerable home router devices. Fortinet Zero Trust Access solutions provide continuous verification of all users, devices and checks for device posture as they access corporate applications and data.