GreyNoise says scannings for vulnerable TVT DVRs are spiking More than 2,500 unique IP addresses were hunting at one point A 2024 vulnerability allows threat actors to run admin commands on the device ...

According to the threat monitoring platform GreyNoise, which detected the exploitation activity, it's likely tied to a Mirai-based malware that seeks to incorporate the devices into its botnet.

See ProTraf. Anna-Senpai: A nickname for a Hackforums[dot]net user who built Mirai and subsequently used the forum to leak the source code for the malware. See Hackforums, Mirai. Anime ...