Two Mirai Botnets, Lzrd and Resgod, Detected Exploiting Vulnerabilities in Wazuh System

Akamai’s recent analysis has identified two distinct Mirai botnets actively exploiting CVE-2025-24016, a critical vulnerability in the Wazuh framework. The flaw presents a serious threat, particularly to Internet of Things (IoT) devices, and enables these botnets to proliferate rapidly.

The implications are considerable: attackers leverage the vulnerability to build extensive networks of compromised devices, which can then be used for various malicious activities, including distributed denial-of-service (DDoS) attacks. Given the increasing prevalence of IoT devices and their integration into critical systems, thorough patching and remediation are urgent.

Organizations using Wazuh are strongly advised to apply the necessary patches and security updates immediately to mitigate the risk posed by these botnets. Proactive measures are essential to bolster defenses against such threats and to preserve the integrity and security of networked environments.

In summary, the discovery of these Mirai botnets highlights the imperative for vigilance and prompt action in addressing vulnerabilities within IoT ecosystems. The evolving nature of these threats necessitates ongoing monitoring and a robust security posture to safeguard against emerging risks.