RondoDox Botnet Exploiting Devices With React2Shell Flaw
Summary
- A botnet campaign called RondoDox has been exploiting the React2Shell vulnerability in the open-source React framework across a variety of devices since December.
- The security firm CloudSEK has attributed the campaign to RondoDox and noted that it compromises IoT devices at scale.
Why It Matters for Texas Credit Unions
Texas credit unions are subject to the same cybersecurity risks as other financial institutions, making this relevant for risk management and compliance.
Original Source Material
The Campaign Compromises Open-Source Vulnerability to Hack IoT Devices at Scale

Security firm CloudSEK has uncovered a botnet campaign that has been exploiting the React2Shell vulnerability in the Meta-developed, open-source React framework across a variety of devices since December. The security firm attributed the campaign to RondoDox.