Moobot botnet is leveraging a known remote code execution (RCE) vulnerability in Hikvision products (CVE-2021-36260) to spread a Moobot, which carries out distributed denial of service (DDoS) attacks. The attack surface could be significant: China-based Hikvision touted itself as the “world’s leading video-surveillance products supplier” on the company site.
Although a patch was released in September, any still-vulnerable Hikvision IP Network Video Recorder (NVR) products are being actively targeted by the Mirai-based botnet known as Moobot.
Source: https://threatpost.com/moobot-botnet-hikvision-surveillance-systems/176879/