A New, Remarkably Sophisticated Malware Is Attacking Routers

by lacygibson
June 30, 2022
in National, World


A very advanced hacker group spent nearly two years infecting various routers in North America and Europe with malware that took full control of connected devices running Windows, macOS and Linux, researchers reported on June 28.

So far, researchers from Lumen Technologies’ Black Lotus Labs say they have identified at least 80 targets infected with the stealthy malware, including routers made by Cisco, Netgear, Asus and DrayTek. The remote access Trojan, known as ZuoRAT, is part of a wider hacking campaign that has existed since at least the fourth quarter of 2020 and continues to operate.

High level of complexity

The discovery of custom malware written for the MIPS architecture and compiled for small office and home office (SOHO) routers is significant, especially given its functional scope. It is able to enumerate all devices connected to an infected router and collect the DNS lookups and network traffic they send and receive while remaining undetected, a hallmark of a highly sophisticated threat actor.

“While using SOHO routers as access vectors to access adjacent LANs is not a new technology, it is rarely reported,” the researchers at Black Lotus Labs wrote. “Similarly, reports of man-in-the-middle attacks (such as DNS and HTTP hijacking) are rarer and are a sign of a sophisticated and targeted operation. The use of both techniques consistently demonstrated a high level of sophistication by a threat actor, suggesting that the campaign may have been carried out by a state-sponsored group.”

The campaign included at least four pieces of malware, three of which were written from scratch by the threat actors. The first is the MIPS-based ZuoRAT, which is very similar to the Mirai IoT malware that achieved a record-breaking distributed denial-of-service attack and knocked some internet services offline for days. ZuoRAT is typically installed by exploiting unpatched vulnerabilities in SOHO devices.

Once installed, ZuoRAT enumerates the devices connected to the infected router. The threat actors can then use DNS hijacking and HTTP hijacking to cause connected devices to install additional malware. Two of these pieces of malware, CBeacon and GoBeacon, are custom-built, the first written in C++ for Windows and the latter in Go for cross-compiling on Linux and macOS devices. For flexibility, ZuoRAT can also infect connected devices using the widely used Cobalt Strike hacking tool.

ZuoRAT can transfer infections to connected devices using one of two methods:

  • DNS hijacking, which replaces a valid IP address corresponding to a domain like Google or Facebook with a malicious IP address operated by an attacker.
  • HTTP hijacking, in which the malware inserts itself into a connection to generate an HTTP 302 response, redirecting the user to a different IP address.
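
Both hijacking methods leave traces a defender can look for on the LAN side. The following is an added example, not code from the article or from Black Lotus Labs: it flags DNS names whose router-supplied answers share nothing with answers from a trusted reference path, flags 302 responses that send a named host to a bare IP address, and correlates the two. All names, addresses and log records are constructed sample data, and the function names are hypothetical.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed sample data using documentation address ranges, not real indicators.
# Answers for the same names via the router's resolver and via a trusted path.
ROUTER_DNS = {"www.example.com": {"203.0.113.66"},
              "mail.example.org": {"198.51.100.20"}}
REFERENCE_DNS = {"www.example.com": {"192.0.2.10", "192.0.2.11"},
                 "mail.example.org": {"198.51.100.20"}}
# Constructed HTTP responses: (requested URL, status code, Location header).
HTTP_LOG = [
    ("http://www.example.com/", 302, "http://203.0.113.66/download"),
    ("http://www.example.com/old", 302, "https://www.example.com/new"),
    ("http://mail.example.org/", 200, None),
]

def dns_mismatches(router, reference):
    """Names whose router answers share no address with the reference answers."""
    return {name: sorted(answers) for name, answers in router.items()
            if reference.get(name) and answers.isdisjoint(reference[name])}

def is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def suspicious_redirects(log):
    """302 responses that send a request for a named host to a bare IP address."""
    hits = []
    for url, status, location in log:
        if status != 302 or not location:
            continue
        src, dst = urlsplit(url).hostname, urlsplit(location).hostname
        if src and dst and not is_ip_literal(src) and is_ip_literal(dst):
            hits.append((url, dst))
    return hits

def correlated(router, reference, log):
    """Redirect targets that are also a mismatched DNS answer: the strongest lead."""
    odd = {ip for ips in dns_mismatches(router, reference).values() for ip in ips}
    return sorted({dst for _, dst in suspicious_redirects(log) if dst in odd})

if __name__ == "__main__":
    print(dns_mismatches(ROUTER_DNS, REFERENCE_DNS))
    print(suspicious_redirects(HTTP_LOG))
    print(correlated(ROUTER_DNS, REFERENCE_DNS, HTTP_LOG))
```

A DNS mismatch alone is only a lead, since CDNs and geo-aware DNS legitimately return different addresses to different resolvers; the correlated result is the one worth investigating first.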

Intentionally complicated

Black Lotus Labs said the command-and-control infrastructure used in the campaign was deliberately complicated to try to hide what was going on. One set of infrastructure is used to control infected routers; the other set is reserved for connected devices if they are later infected.

The researchers observed persistent connections from routers at 23 IP addresses to a control server, which they believe was performing an initial investigation to determine whether the targets were of interest. Some of the 23 routers later interacted with proxy servers in Taiwan for three months. Another subset of routers rotated to Canada-based proxy servers to obscure the attackers’ infrastructure.
