New Rust Botnet "RustoBot" is Routed via Routers
ID: e656ec5f-9d3c-5a35-8abe-8b6b53f9db75
STIX ID: report--e656ec5f-9d3c-5a35-8abe-8b6b53f9db75
Feed Name: Fortinet Blog
FortiGuard Labs discovered and analyzed “RustoBot,” a Rust-written botnet that exploits command-injection flaws in TOTOLINK and DrayTek devices (including CVE-2024-12987 and multiple TOTOLINK CVEs) to gain remote control and launch DDoS attacks. The report covers downloader behavior, architecture variants, C2 infrastructure, observed incidents across Japan, Taiwan, Vietnam, and Mexico, IOCs (URLs, hosts, file hashes), and Fortinet protections and recommendations.
