Hello!
There has been a huge uptick of the Mozi botnet[1] from Indian
networks(major chunk from a single network) in the past one week.
Based on prior information about Mozi and what I have seen at first
glance, it appears to have primarily targeted CPE's with default
login/weak credentials, but there could be more.
Some of the affected CPE's along with mitigation outlined by Netlab 360 [2]
[1]: https://www.darkreading.com/iot/new-malware-family-assembles-iot-botnet--/d/...
[2]: https://blog.netlab.360.com/mozi-another-botnet-using-dht/