Dark.IoT Botnet
released on 2021-08-27 @ 09:08:19 AM
Over the past several months, Radware researchers have been monitoring the evolution of a Mirai variant that Radware has named "Dark.IoT." Palo Alto Networks first reported on this botnet on March 15, 2021. On August 6, 2021, Juniper Threat Labs reported that this botnet began propagating via CVE-2021-20090, a supply chain vulnerability recently disclosed by Tenable that impacts IoT devices manufactured by nearly two dozen vendors. Two weeks later, on August 19, 2021, Radware researchers discovered updated binaries for this unnamed botnet, showing that the operators are preparing to leverage yet another supply chain vulnerability, recently disclosed by IoT Inspectors Research Lab. The vulnerability, CVE-2021-35395, disclosed less than a week before Dark.IoT integrated it, impacts IoT devices manufactured by 65 vendors that use the Realtek chipsets and SDK.