← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
RondoDox Botnet: From Zero to 174 Exploited Vulnerabilities
The RondoDox botnet has emerged as a significant threat, exploiting 174 different vulnerabilities since May 2025. It primarily targets IoT devices and internet-exposed services for DoS attacks. The botnet's infrastructure includes exploiting and hosting components, with evidence suggesting the use of compromised residential IPs. RondoDox's operators have shown a rapid adoption of newly disclosed vulnerabilities, sometimes exploiting them within days of publication. The botnet's evolution includes a shift from a shotgun approach using numerous exploits to a more focused strategy targeting recent, critical vulnerabilities. The malware shares similarities with Mirai but focuses solely on DoS attacks. This threat highlights the importance of exposure management in cybersecurity.
MITRE ATT&CK & Malware Families
Indicators of Compromise (44)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| IPv4 | 83.150.218.93 | — | 2026-03-11 | |
| IPv4 | 87.121.84.31 | — | 2026-03-11 | |
| IPv4 | 87.121.84.75 | — | 2026-03-11 | |
| IPv4 | 14.103.145.202 | — | 2026-03-11 | |
| IPv4 | 14.103.145.211 | — | 2026-03-11 | |
| IPv4 | 192.183.232.142 | — | 2026-03-11 | |
| IPv4 | 37.32.15.8 | — | 2026-03-11 | |
| IPv4 | 38.59.219.27 | — | 2026-03-11 | |
| IPv4 | 41.231.37.153 | — | 2026-03-11 | |
| IPv4 | 74.194.191.52 | — | 2026-03-11 | |
| IPv4 | 99.241.94.234 | — | 2026-03-11 | |
| CVE | CVE-2023-46604 | — | 2026-03-11 | |
| CVE | CVE-2025-20281 | — | 2026-03-11 | |
| CVE | CVE-2025-24016 | — | 2026-03-11 | |
| CVE | CVE-2025-24893 | — | 2026-03-11 | |
| CVE | CVE-2025-32756 | — | 2026-03-11 | |
| CVE | CVE-2025-37164 | — | 2026-03-11 | |
| CVE | CVE-2025-47812 | — | 2026-03-11 | |
| CVE | CVE-2025-48827 | — | 2026-03-11 | |
| CVE | CVE-2025-52089 | — | 2026-03-11 | |
| CVE | CVE-2025-55182 | — | 2026-03-11 | |
| CVE | CVE-2025-57296 | — | 2026-03-11 | |
| CVE | CVE-2025-62593 | — | 2026-03-11 | |
| FileHash-MD5 | 0d54448fe3c9b048c6d48c6ee2f6f936 | — | 2026-03-11 | |
| FileHash-SHA1 | aa13e8e1bda39dd665cdf1edb0261b364e53c731 | — | 2026-03-11 | |
| FileHash-SHA256 | 691e4ec280aaff33270f33a9bb48a3fc38e2bd91c7359e687e3f0bd682f20b54 | — | 2026-03-11 | |
| FileHash-SHA256 | ce6375a4077edaf2f83847e3cefd8eb9535da249806d3214b22a0d50891c7b4c | — | 2026-03-11 | |
| IPv4 | 154.91.254.95 | — | 2026-03-11 | |
| IPv4 | 169.255.72.169 | — | 2026-03-11 | |
| IPv4 | 192.159.99.95 | — | 2026-03-11 | |
| IPv4 | 192.253.248.5 | — | 2026-03-11 | |
| IPv4 | 23.228.188.126 | — | 2026-03-11 | |
| IPv4 | 45.125.66.100 | — | 2026-03-11 | |
| IPv4 | 45.135.194.11 | — | 2026-03-11 | |
| IPv4 | 45.135.194.32 | — | 2026-03-11 | |
| IPv4 | 45.135.194.34 | — | 2026-03-11 | |
| IPv4 | 45.153.34.156 | — | 2026-03-11 | |
| IPv4 | 45.156.87.165 | — | 2026-03-11 | |
| IPv4 | 45.8.145.203 | — | 2026-03-11 | |
| IPv4 | 70.184.13.47 | — | 2026-03-11 | |
| IPv4 | 78.153.149.90 | — | 2026-03-11 | |
| IPv4 | 83.252.42.112 | — | 2026-03-11 | |
| IPv4 | 87.121.84.132 | — | 2026-03-11 | |
| domain | x1337.cc | — | 2026-03-11 |