A new report has highlighted how botnets are exploiting a critical bug in the Realtek SDK, allowing attackers to access and manipulate millions of devices with alarming ease. According to Radware’s research, device owners may be vulnerable to malware, data theft, and ransomware attacks if their Realtek SDK is unpatched.
The bug, now classified as a ‘critical vulnerability’, was found in the software development kit installed on millions of devices around the world. Allowing attackers to remotely access and control insecure systems, the bug could be exploited to carry out man-in-the-middle attacks, intercepting SMB traffic, and even abuse and modify user systems.
Given the wide reach of the SDK, Radware is urging device owners, network administrators, and enterprises to patch their systems as soon as possible. The patch is available as an opt-in update via the Realtek website, and should be applied with immediate urgency.
In addition to patching, an effective cybersecurity defense should involve taking a number of steps to improve the safety of your systems. This includes installing antivirus and antimalware tools, activating firewalls, using secure passwords, and encrypting your data. It’s also important to monitor your systems for any suspicious activity – including downloads, transactions, and communications – and promptly address any threats.
Although the impact of the Realtek SDK vulnerability is highly concerning, its discovery and patching is fortunate. Had it been left unchallenged, this bug could have put millions of users at risk, wiping out valuable data, and severely impacting user privacy. By taking preemptive action now, device owners can ensure the security of their systems.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 25 Jan 2023 18:01:02 +0000