Netgear, D-Link, and Huawei routers are being probed for weak Telnet passwords and taken over by a new peer-to-peer (P2P) botnet dubbed Mozi. The malware uses telnet and exploits for propagation to new vulnerable devices by logging in to any targeted router or CCTV DVR that comes with a weak password, dropping and executing a payload after successfully exploiting unpatched hosts. The next stage of the infection sees the new bot nodes receiving and executing commands from the botnet master. The main instructions accepted by Mozi nodes are designed to launch DDoS attacks.
Source: https://www.bleepingcomputer.com/news/security/new-mozi-p2p-botnet-takes-over-netgear-d-link-huawei-routers/