Valve Source Engine, Fortnite Servers Crippled By Gafgyt Variant
Arthur T Knackerbracket has found the following story:
Servers hosting Valve Source Engine and popular games like Fortnite are targeted by a new variant of the Gafgyt botnet.
A new Gafgyt variant is adding vulnerable internet of things (IoT) devices to its botnet arsenal and using them to cripple gaming servers worldwide.
The newly-discovered variant is capable of launching a variety of denial-of-service (DoS) attacks against the Valve Source Engine, a video game engine developed by Valve Corp. that runs popular games such as "Half-Life and "Team Fortress 2. Other gaming servers have also been targeted by the botnet, such as those hosting widely-played games such as Fortnite, researchers warn.
"This Gafgyt variant is a competing botnet to the "JenX botnet, which also uses remote code-execution exploits to gain access and recruit routers into botnets to attack gaming servers - most notably those running the Valve Source Engine - and cause a denial-of-service," said researchers with Palo Alto Networks' Unit 42 research team, in analysis released Thursday. "This variant also competes against similar botnets, which we have found are frequently sold on Instagram."
Gafgyt, a botnet that was uncovered in 2014, has become infamous for launching large-scale distributed denial-of-service (DDoS) attacks. The newest Gafgyt variant targets two of the same small-office router remote-code-execution flaws as its predecessor, "JenX, which was disclosed in 2018".
The two previously-targeted flaws are CVE-2017-17215 (in the Huawei HG532) and CVE-2014-8361 (in the Realtek RTL81XX chipset). However, the newest variant also targets another vulnerability, CVE-2017-18368, a remote command-injection bug on Zyxel P660HN wireless routers. The Zyxel P660HN-T1A (distributed by TrueOnline) has a command-injection vulnerability in the remote system log forwarding function, which can be accessed by an unauthenticated user, researchers said.
According to Shodan, there are more than 32,000 Wi-Fi routers worldwide that are vulnerable to these three flaws.
Read more of this story at SoylentNews.