Hackers are exploiting a decade-old vulnerability (CVE-2015-2051) in D-Link DIR-645 routers, turning them into a botnet named 'Goldoon,' identified by FortiGuard Labs in April 2024. The flaw allows remote execution of arbitrary commands via the Home Network Administration Protocol (HNAP), and the botnet contains 27 methods to carry out DDoS attacks. Lack of patch application and consumer neglect in updating router firmware pose significant cybersecurity risks, as highlighted by studies on router vulnerabilities in the U
S. and U.K. The Goldoon botnet was observed to have nearly double its baseline activity during mid-April 2024. ```https://www.bankinfosecurity.com/new-botnet-goldoon-targets-d-link-devices-a-25009