C0XMO botnet spreads via DD-WRT router flaw, kills rival malware

📅 7 June 2026 at 14:17 UTC📰 Bleeping ComputerView original source ↗

A new variant of the Gafgyt botnet called C0XMO is targeting DD-WRT router firmware and can move to other device types with various CPU architectures. [...]

🤖 AI BriefingAuto-generated threat analysis

🔍Threat Overview

The C0XMO botnet is a sophisticated malware that exploits CVE-2021-27137 to deliver a modular and adaptable DDoS attack tool, targeting various device types with different CPU architectures.

⚙️Technical Details

Affected Systems

DD-WRT router firmware

Attack Vectors

buffer overflow vulnerability

💥Impact Assessment

Severity: high

Who Is at Risk

Japanese technology companyother organizations with DD-WRT router firmwareSeverity: high

🛡️Recommended Actions

1Keep devices up to date

2Use unique admin credentials

3Disable remote access capabilities when not needed

📦Affected Products

DD-WRT router firmware

Read the full article

This is a curated summary. The complete article is available at Bleeping Computer.

Read on Bleeping Computer ↗

← Back to feed