Since July 12, four unnamed American Internet Service Providers (ISPs) have been hacked. All four used the same platform to manage and control their vast networks. By infiltrating this platform, hackers managed to steal customer credentials, which were otherwise encrypted.
Black Lotus Labs first discovered and reported the vulnerability in Versa Director (the platform these four ISPs were using) two days ago. The researchers identified the first exploitation of this vulnerability dating back to June 12, 2024, and it was only patched on August 26, 2024.
The attackers hijacked small office and home office routers to enter Versa Director systems. They were able to penetrate Versa’s systems because of an exposed port (which should have been protected by a hardened firewall, but the affected ISPs didn’t follow Versa’s instructions). The threat actors used this entry point to inject a malicious Java file called “VersaMem.” That’s where the bug was: in the file upload system, which should have sanitized this file. This code gave them admin access to the entire Versa Director dashboard.