Found 17 bookmarks
Newest
The Pumpkin Eclipse
The Pumpkin Eclipse
Executive Summary Lumen Technologies’ Black Lotus Labs identified a destructive event, as over 600,000 small office/home office (SOHO) routers were taken offline belonging to a single internet service provider (ISP). The incident took place over a 72-hour period between October 25-27, rendered the infected devices permanently inoperable, and required a hardware-based replacement. Public scan data Lumen Technologies’ Black Lotus Labs identified a destructive event, as over 600,000 small office/home office (SOHO) routers were taken offline belonging to a single internet service provider (ISP).
#lumen#EN#2024#IoT#routers#destructive#SOHO#ISP#72-hour#Chalubo
·blog.lumen.com·
The Pumpkin Eclipse
Eight Arms to Hold You: The Cuttlefish Malware
Eight Arms to Hold You: The Cuttlefish Malware
Executive Summary: The Black Lotus Labs team at Lumen Technologies is tracking a malware platform we’ve named Cuttlefish, that targets networking equipment, specifically enterprise-grade small office/home office (SOHO) routers. This malware is modular, designed primarily to steal authentication material found in web requests that transit the router from the adjacent local area network (LAN). A
#lumen#EN#2024#Cuttlefish#Malware#SOHO#routers#DNS-hijacking#sniffing#iot
·blog.lumen.com·
Eight Arms to Hold You: The Cuttlefish Malware
The Darkside of TheMoon
The Darkside of TheMoon
Executive Summary The Black Lotus Labs team at Lumen Technologies has identified a multi-year campaign targeting end-of-life (EoL) small home/small office (SOHO) routers and IoT devices, associated with an updated version of “TheMoon” malware. TheMoon, which emerged in 2014, has been operating quietly while growing to over 40,000 bots from 88 countries in January and
#lumen#EN#2020#SOHO#TheMoon#campaign#EoL#routers#IoT#proxy
·blog.lumen.com·
The Darkside of TheMoon
KV-Botnet: Don’t call it a Comeback - Lumen
KV-Botnet: Don’t call it a Comeback - Lumen
Executive Summary On December 13, 2023, Lumen’s Black Lotus Labs reported our findings on the KV-botnet, a covert data transfer network used by state-sponsored actors based in China to conduct espionage and intelligence activities targeting U.S. critical infrastructure. Around the time of the first publication, we identified a spike in activity that we assess aligns
#lumen#EN#2024#KV-Botnet#China#espionnage#report
·blog.lumen.com·
KV-Botnet: Don’t call it a Comeback - Lumen