Threat Intelligence Report

Inside the Cross-Platform Propagation of a New Gafgyt Variant C0XMO

📅 June 3, 2026 📰 www.fortinet.com 🔍 5 CVE(s) referenced

The new Gafgyt variant C0XMO leverages a critical DD-WRT vulnerability and a modular Python-based scanner to efficiently compromise and persist across diverse Linux-based devices, aggressively eliminating competing malware and enabling large-scale, multi-vector DDoS attacks.

vendor

CVE-2021-27137, CVE-2022-35914, CVE-2025-34054, CVE-2015-2051, CVE-2016-15047

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap

🎯 IOC Extraction

⚔️ MITRE ATT&CK TTPs

📦 STIX 2.1 Bundle