1y ago

Mystery malware destroys 600,000 routers from a single ISP during 72-hour span

arstechnica.com

Technology @lemmy.zip

BrikoX @lemmy.zip

1y ago

Mystery malware destroys 600,000 routers from a single ISP during 72-hour span

arstechnica.com /security/2024/05/mystery-malware-destroys-600000-routers-from-a-single-isp-during-72-hour-span/

26 comments

- It’s possible the “mystery” they refer to could be related to the identity of the hacker(s), how it got onto the routers in the first place, or the purpose for the attack
  
  "mystery malware"
  The article clarifies the name of the malware.
  Clickbait BS. Why are you being disingenuous?
- As someone who works with 100Gbps networking:
  why the heck do these routers run Lua of all things???
  
  OpenWRT uses Lua for its web UI. The interpreter can be really small which works well for tiny embedded devices with mere megabytes of storage, and it's much safer than writing a web GUI entirely in C.
  
  I imagine the malware binary includes a lua interpreter for executing scripts fetched from its command and control server.
One day last October, subscribers to an ISP known as Windstream
In case anyone only reads the headline
Oh shit, I use Windstream, this explains a lot about why they were so busy replacing everyones routers down here. I had assumed it was just a defective design since they used all the same units for every network, but it was actually malware, wild
the sad thing is this is just routers, think about all of the IoT devices that are compromised due to vendors not caring about patching security issues, just worrying about selling IoT.
- insecam.org for a quick demo of insecure devices
  
  Shodan also has a lot of fun searches.
- Or having non existent security
Keep firing tech people, the tech peiple will have to find an hobby
And that’s why you should run your own router. Preferably using open firmware/OS like ddwrt or pfSense/opnSense.
- I'm curious, does running open source software somehow exempt you from getting malware?
  
  Not necessarily, but the odds of getting popped by a heretofore undisclosed backdoor that your ISP didn’t think would be a big deal are eliminated entirely, and you can also do a lot more interesting things with your home infrastructure, if that’s your thing.

26 comments