RondoDox Botnet: From Zero to 174 Exploited Vulnerabilities
March 16, 2026, 9:52 a.m.
Description
The RondoDox botnet has emerged as a significant threat, exploiting 174 different vulnerabilities since May 2025. It primarily targets IoT devices and internet-exposed services for DoS attacks. The botnet's infrastructure includes exploiting and hosting components, with evidence suggesting the use of compromised residential IPs. RondoDox's operators have shown a rapid adoption of newly disclosed vulnerabilities, sometimes exploiting them within days of publication. The botnet's evolution includes a shift from a shotgun approach using numerous exploits to a more focused strategy targeting recent, critical vulnerabilities. The malware shares similarities with Mirai but focuses solely on DoS attacks. This threat highlights the importance of exposure management in cybersecurity.
Tags
Date
- Created: March 11, 2026, 3:49 p.m.
- Published: March 11, 2026, 3:49 p.m.
- Modified: March 16, 2026, 9:52 a.m.
Indicators
- ce6375a4077edaf2f83847e3cefd8eb9535da249806d3214b22a0d50891c7b4c
- 691e4ec280aaff33270f33a9bb48a3fc38e2bd91c7359e687e3f0bd682f20b54
- 45.8.145.203
- 192.253.248.5
- 192.183.232.142
- 45.135.194.32
- 45.135.194.34
- 192.159.99.95
- 45.135.194.11
- 99.241.94.234
- 78.153.149.90
- 45.125.66.100
- 23.228.188.126
- 45.153.34.156
- 74.194.191.52
- 41.231.37.153
- 154.91.254.95
- 87.121.84.31
- 70.184.13.47
- 14.103.145.202
- 38.59.219.27
- 169.255.72.169
- 37.32.15.8
- 87.121.84.75
- 87.121.84.132
- 14.103.145.211
- 83.252.42.112
- 45.156.87.165
- 83.150.218.93
Additional Informations
- x1337.cc