• Latest
  • All
  • How To
Ballista Botnets

Ballista Botnet Targeting TP-Link Routers Is Spreading Rapidly

March 14, 2025
sodium-ion battery

Researchers Develop Sodium-Ion Battery That Charges to 80% in 6 Minutes

May 27, 2025
TV Gambling Ads

Regulator Fines Stations Using Religious Shows to Push Gambling

May 27, 2025
Connected Africa Summit 2025

Connected Africa 2025 Day 2: Focus on Digital Inclusion & Cybersecurity

May 27, 2025
whatsapp chatbots

WhatsApp iPad App Finally on the Horizon as Meta Teases Launch

May 27, 2025
DHgate Tablet Cases deals
Connected Africa Summit

ICTA Chair and CEO Push for Digital Unity at Connected Africa Summit

May 27, 2025
Kenya Safaricom share sale

Kenya Plans Mega Sale of Safaricom Shares to Raise Over a Billion Dollars

May 26, 2025
Safaricom, Airtel, Telkom lawsuit

Safaricom, Airtel, Telkom and CA Sued in Data Rollover Lawsuit

May 26, 2025
Metered Internet bill

New Bill Wants to Meter and Monitor How You Use the Internet

May 26, 2025
veo 3

Google’s Veo 3 Is Blurring the Line Between Reality and AI

May 26, 2025
Apple-Glasses

Apple to Reportedly Launch Smart Glasses by 2026 to Rival Meta, Google

May 23, 2025
OpenAI

OpenAI Looks To Get Into Hardware Market After Acquiring Startup For $6.5B

May 23, 2025
Infinix GT 30 Pro

Infinix Unveils the GT 30 Pro with 120 FPS Certification for PUBG

May 22, 2025
Techweez | Tech News, Reviews, Deals, Tips and How To
  • News
  • Entertainment
  • Reviews
  • Features
  • Editorial
No Result
View All Result
Techweez | Tech News, Reviews, Deals, Tips and How To
  • News
  • Entertainment
  • Reviews
  • Features
  • Editorial
No Result
View All Result
Techweez | Tech News, Reviews, Deals, Tips and How To
No Result
View All Result

Ballista Botnet Targeting TP-Link Routers Is Spreading Rapidly

Naftary Thitu by Naftary Thitu
March 14, 2025
in News
Reading Time: 2 mins read
276
0
Ballista Botnets

A newly identified botnet, named “Ballista,” is actively exploiting a critical remote code execution (RCE) vulnerability in unpatched TP-Link Archer AX21 routers.

This vulnerability, tracked as CVE-2023-1389, allows attackers to inject commands remotely, leading to unauthorized control over affected devices.

Since its detection on January 10, 2025, the Ballista botnet has compromised over 6,000 devices worldwide. The infections are predominantly concentrated in Brazil, Poland, the United Kingdom, Bulgaria, and Turkey.

Notably, the botnet has targeted organizations across various sectors, including manufacturing, healthcare, services, and technology, in countries such as the United States, Australia, China, and Mexico.

The attack sequence begins with a malware dropper, a shell script (“dropbpb.sh”), designed to fetch and execute the main binary on the target system for various system architectures such as mips, mipsel, armv5l, armv7l, and x86_64.

Once executed, the malware establishes an encrypted command-and-control (C2) channel on port 82, allowing attackers to run shell commands, conduct further RCE, and perform denial-of-service (DoS) attacks.

Additionally, the malware attempts to read sensitive files on the local system and spreads to other routers by exploiting the same vulnerability.

Analysis suggests a potential link between the Ballista botnet and an Italian-based threat actor. This assessment is based on the IP address location of the command-and-control server and Italian language strings found within the malware binaries.

Recommendations

To protect against the Ballista Botnet and similar threats, users and organizations are advised to:

  • Update Firmware: Ensure that TP-Link Archer AX21 routers are running the latest firmware version. TP-Link has released updates addressing CVE-2023-1389, which are available on their official website.
  • Change Default Credentials: Replace default usernames and passwords with strong, unique credentials to prevent unauthorized access.
  • Disable Unnecessary Services: Turn off services and features that are not in use, reducing potential entry points for attackers.
  • Monitor Network Activity: Regularly monitor network traffic for unusual activity, which could indicate a compromised device.

Implementing these measures can significantly enhance the security of devices and networks, mitigating the risk posed by botnets like Ballista.

Tags: Malware
SendShare153Tweet96
Naftary Thitu

Naftary Thitu

Tech enthusiast and ICT guru by trade, I've swapped debugging code for decoding tech trends. When I’m not wrangling with cybersecurity conundrums or geeking out over the latest gadgets, I’m busy turning techie mumbo jumbo into engaging, often hilarious, articles.

Related Posts

Hospitals Targeted by Stealthy New Malware Called ResolverRAT

Hospitals Targeted by Stealthy New Malware Called ResolverRAT

April 15, 2025
Hackers Use Weaponized PDFs

The Weaponization of PDFs: How Cybercriminals Are Exploiting a Trusted Format

April 7, 2025
Google Zero--Day

Google Fixes Dangerous Chrome Bug Exploited by Hackers

April 1, 2025
CAPTCHA

Hackers Are Now Hiding Malware Behind Fake CAPTCHAs

March 20, 2025
Ad fraud

Google Removes 180 Apps from Play Store Over Massive Ad Fraud Scheme

March 14, 2025
Boramae Ransomware

Boramae Ransomware: The Stealthy Cyber Threat That Won’t Go Away

March 14, 2025

Latest

sodium-ion battery

Researchers Develop Sodium-Ion Battery That Charges to 80% in 6 Minutes

May 27, 2025
TV Gambling Ads

Regulator Fines Stations Using Religious Shows to Push Gambling

May 27, 2025
Connected Africa Summit 2025

Connected Africa 2025 Day 2: Focus on Digital Inclusion & Cybersecurity

May 27, 2025
whatsapp chatbots

WhatsApp iPad App Finally on the Horizon as Meta Teases Launch

May 27, 2025
Connected Africa Summit

ICTA Chair and CEO Push for Digital Unity at Connected Africa Summit

May 27, 2025
Kenya Safaricom share sale

Kenya Plans Mega Sale of Safaricom Shares to Raise Over a Billion Dollars

May 26, 2025

Best devices

budget smartwatches 2025

Best Budget Smartwatches To Buy in Kenya 2025

February 13, 2025

Best Infinix Smartphones To Buy in Kenya 2024

February 13, 2025

Best Laptops for Battery Life in 2024

August 21, 2024

Best “Battery Warrior” Smartphones To Buy in 2024

August 22, 2024

Researchers Develop Sodium-Ion Battery That Charges to 80% in 6 Minutes

May 27, 2025

Regulator Fines Stations Using Religious Shows to Push Gambling

May 27, 2025

Techweez is a fast growing influential source of technology news, reviews and analysis by leading tech geeks in the industry.

Follow Us

Editorials

Samsung QLED TVs Now Officially Certified for Real Quantum Dot Technology

Trump’s Tariffs Will Be the End of Affordable Tech

5 Ways to Prep Your Tech for Resale

The Weaponization of PDFs: How Cybercriminals Are Exploiting a Trusted Format

Introducing A Brainbox Quiz: Techweez’s Monthly Trivia Night!

5 Most Reliable Virtual Dollar Card Providers in Nigeria

More News

Safaricom, Airtel, Telkom and CA Sued in Data Rollover Lawsuit

New Bill Wants to Meter and Monitor How You Use the Internet

Google’s Veo 3 Is Blurring the Line Between Reality and AI

Apple to Reportedly Launch Smart Glasses by 2026 to Rival Meta, Google

OpenAI Looks To Get Into Hardware Market After Acquiring Startup For $6.5B

Infinix Unveils the GT 30 Pro with 120 FPS Certification for PUBG

  • Terms Of Use
  • Techweez Brand
  • Privacy & Policy
  • Contact Us

© 2024 Techweez - Palahala Media Group may earn a commission when you buy through links on our sites.
A Palahala Media Group Brand. All rights reserved.
.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

Techweez | Tech News, Reviews, Deals, Tips and How To
Crunchy Cookies 🍪 Ahead!

Hey there! Just a heads-up: we're big fans of cookies - both the digital and edible kind! 🍪 We use our cookies and some from third parties to ensure your browsing experience on our site is smooth sailing and secure.

 

But wait, there's more! We also use cookies to gather stats and insights on how you navigate our site. It's like getting a behind-the-scenes peek at your digital adventures!

 

Don't worry, you're in control. You can adjust your cookie settings anytime to suit your preferences. Feeling curious? Dive into our Privacy Policy for all the juicy details. Happy browsing! 🚀

Functional Always active
Listen, this legal stuff is about as exciting as watching paint dry. But it basically says we only use your stuff for what you asked us to do, and nobody else gets to peek!
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
It's those sneaky cookie crumbs websites leave behind to count visitors, like counting ants at a picnic! Totally harmless, just for fun facts. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
Hey there! Just letting you know we use some fancy gizmos to remember your preferences. This way, we can show you ads that are, well, not completely bananas.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
Make cookies
{title} {title} {title}
Techweez | Tech News, Reviews, Deals, Tips and How To
Crunchy Cookies 🍪 Ahead!
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
Listen, this legal stuff is about as exciting as watching paint dry. But it basically says we only use your stuff for what you asked us to do, and nobody else gets to peek!
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
It's those sneaky cookie crumbs websites leave behind to count visitors, like counting ants at a picnic! Totally harmless, just for fun facts. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
Hey there! Just letting you know we use some fancy gizmos to remember your preferences. This way, we can show you ads that are, well, not completely bananas.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
Make cookies
{title} {title} {title}
No Result
View All Result
  • News
  • Reviews
  • Features
  • Editorial
  • Automotive
  • Entertainment

© 2024 Techweez - Palahala Media Group may earn a commission when you buy through links on our sites.
A Palahala Media Group Brand. All rights reserved.
.