Over the past few days, Satori has begun to exploit a high-profile vulnerability in the D-Link DSL-2750B device. The remote code execution vulnerability has been for two years and the exploit code was disclosed last month. The vulnerability was disclosed in 2016, but D-Link did not release the fix. The latest firmware for the DSL-2750B model was released in 2015.
D-Link router and modem vulnerabilities are being exploited by Satori IoT botnet
Security researchers report that malicious attackers are using a known vulnerability on D-Link routers and modems to create a Satori IoT botnet. Satori builds on the publicly available Mirai IoT botnet source code and continuously updates to add more exploit code. It has evolved from a variant of Mirai into a large new botnet.