The Hacker News ·EN News source
RustDuck Botnet Rebuilds in Rust to Hijack Routers and Servers for DDoS
CVE Tools coverage
Researchers from QiAnXin XLab report a two-stage malware family called RustDuck that compromises home routers, IP cameras, Android boxes, and exposed servers, then uses the infected devices to launch DDoS attacks. The campaign has been linked to multiple vulnerable products and vulnerabilities, including CVE-2017-17215, CVE-2025-29635, CVE-2024-1781, CVE-2024-1781, CVE-2018-8007, plus exposure to ThinkPHP, Jenkins, and Hadoop YARN issues. The risk is amplified by RustDuck’s active evolution and its use of modern encryption and anti-analysis checks, making detection and takedown harder.