Threat actors are using advanced malware to backdoor business-grade routers

MuzzMelbourne · Mar 6, 2023

Hiatus hacking campaign has infected roughly 100 Draytek routers.
Researchers have uncovered advanced malware that’s turning business-grade routers into attacker-controlled listening posts that can sniff email and steal files in an ongoing campaign hitting North and South America and Europe.
Besides passively capturing IMAP, SMTP, and POP email, the malware also backdoors routers with a remote access Trojan that allows the attackers to download files and run commands of their choice. The backdoor also enables attackers to funnel data from other servers through the router, turning the device into a covert proxy for concealing the true origin of malicious activity.

Threat actors are using advanced malware to backdoor business-grade routers

Hiatus hacking campaign has infected roughly 100 Draytek routers.

arstechnica.com

Search

Threat actors are using advanced malware to backdoor business-grade routers

MuzzMelbourne

Level 15

Hiatus hacking campaign has infected roughly 100 Draytek routers.

Threat actors are using advanced malware to backdoor business-grade routers

Similar threads

Threat actors are using advanced malware to backdoor business-grade routers

MuzzMelbourne

Level 15

Hiatus hacking campaign has infected roughly 100 Draytek routers.​

Threat actors are using advanced malware to backdoor business-grade routers

Similar threads

Hiatus hacking campaign has infected roughly 100 Draytek routers.