Researchers warn of rising attacks targeting D-Link routers with FICORA (Mirai variant) and CAPSAICIN (Kaiten variant) botnets. Exploiting HNAP vulnerabilities like CVE-2024-33112, the botnets spread globally, executing DDoS attacks and remote commands. FICORA uses brute-force techniques, while CAPSAICIN focuses on East Asia, controlling infected devices and ensuring compatibility across Linux architectures.

‍