EXPERT analysts have discovered a massive hack affecting Wi-Fi routers with thousands already compromised.
Analysts who uncovered the hack said it has already impacted over 9,000 devices and is still ongoing.
3
So far only Asus routers have been hit by the hackers who seem to be adding the devices to their “army” after gaining control.
It remains unclear what the internet crooks intend to do with the nearly 10,000 routers they have gained control over.
The hack was detected by an AI system known as “sift” in March, this led analysts to investigate.
Working for cybersecurity platform GreyNoise Enterprise, who designed the AI, analysts quickly identified and named the hack.
The firm collects and analyses Internet-wide scan and attack data to provide insights into potential threats.
The attack has been dubbed “ViciousTrap” by security experts who are monitoring the ongoing situation.
Attackers stealthily accessed the routers over a period of time with their access seemingly immune to reboots and firmware updates.
This gives the hackers control over the affected devices that is hard to block or remove.
Despite the hack being identified the number of devices being affected is still rising indicating that the hack has not been stopped.
Experts have said the hack is essentially invisible with little to no trace that devices have been affected.
The reason why the attackers are building their army of routers is still a mystery.
Asus has addressed the weaknesses that initially granted the hackers access to their routers.
How to stay safe from hackers
- Protect your devices and networks by keeping them up to date: use the latest supported versions, use anti-virus and scan regularly to guard against known malware threats.
- Use multi-factor authentication to reduce the impact of password compromises.
- Tell staff how to report suspected phishing emails, and ensure they feel confident to do so, investigate their reports promptly and thoroughly.
- Set up a security monitoring capability so you are collecting the data that will be needed to analyse network intrusions
- Prevent and detect lateral movement in your organisation’s networks.
A GreyNoise report on the hack said: “The techniques used reflect long-term access planning and a high level of system knowledge.”
Government authorities were notified of the hack shortly after it was discovered.
Routers are always exposed to the Internet, and move significant amounts of highly valuable data, making them actively sought after targets for hacks.
Experts are recommending performing a complete factory reset on Asus routers that may be affected.
Following the reset experts are urging users to update their router firmware and reconfigure their devices manually.
Updating routers to the latest firmware from or after May 27 can protect unaffected routers from falling victim to the hack and help remedy already affected routers.
No source for the hack or a reason behind it have been identified yet.
3
Leave a Reply