ZuoRAT Hijacks SOHO Routers to Silently Stalk Networks
Black Lotus Labs, is currently tracking elements of what appears to be a sophisticated campaign leveraging infected SOHO routers to target predominantly NA and European networks of interest.
The Pumpkin Eclipse
Executive Summary Lumen Technologies’ Black Lotus Labs identified a destructive event, as over 600,000 small office/home office (SOHO) routers were taken offline belonging to a single internet service provider (ISP). The incident took place over a 72-hour period between October 25-27, rendered the infected devices permanently inoperable, and required a hardware-based replacement. Public scan data Lumen Technologies’ Black Lotus Labs identified a destructive event, as over 600,000 small office/home office (SOHO) routers were taken offline belonging to a single internet service provider (ISP).
Eight Arms to Hold You: The Cuttlefish Malware
Executive Summary: The Black Lotus Labs team at Lumen Technologies is tracking a malware platform we’ve named Cuttlefish, that targets networking equipment, specifically enterprise-grade small office/home office (SOHO) routers. This malware is modular, designed primarily to steal authentication material found in web requests that transit the router from the adjacent local area network (LAN). A
ZuoRAT Hijacks SOHO Routers to Silently Stalk Networks
Black Lotus Labs, is currently tracking elements of what appears to be a sophisticated campaign leveraging infected SOHO routers to target predominantly NA and European networks of interest.
The Darkside of TheMoon
Executive Summary The Black Lotus Labs team at Lumen Technologies has identified a multi-year campaign targeting end-of-life (EoL) small home/small office (SOHO) routers and IoT devices, associated with an updated version of “TheMoon” malware. TheMoon, which emerged in 2014, has been operating quietly while growing to over 40,000 bots from 88 countries in January and
ZuoRAT Hijacks SOHO Routers to Silently Stalk Networks
Black Lotus Labs, is currently tracking elements of what appears to be a sophisticated campaign leveraging infected SOHO routers to target predominantly NA and European networks of interest.
ZuoRAT Hijacks SOHO Routers to Silently Stalk Networks
Black Lotus Labs, is currently tracking elements of what appears to be a sophisticated campaign leveraging infected SOHO routers to target predominantly NA and European networks of interest.
KV-Botnet: Don’t call it a Comeback - Lumen
Executive Summary On December 13, 2023, Lumen’s Black Lotus Labs reported our findings on the KV-botnet, a covert data transfer network used by state-sponsored actors based in China to conduct espionage and intelligence activities targeting U.S. critical infrastructure. Around the time of the first publication, we identified a spike in activity that we assess aligns
ZuoRAT Hijacks SOHO Routers to Silently Stalk Networks
Black Lotus Labs, is currently tracking elements of what appears to be a sophisticated campaign leveraging infected SOHO routers to target predominantly NA and European networks of interest.
ZuoRAT Hijacks SOHO Routers to Silently Stalk Networks
Black Lotus Labs, is currently tracking elements of what appears to be a sophisticated campaign leveraging infected SOHO routers to target predominantly NA and European networks of interest.
ZuoRAT Hijacks SOHO Routers to Silently Stalk Networks
Black Lotus Labs, is currently tracking elements of what appears to be a sophisticated campaign leveraging infected SOHO routers to target predominantly NA and European networks of interest.
New HiatusRAT router malware covertly spies on victims - Lumen
Lumen Black Lotus Labs identified a new campaign involving compromised routers. HiatusRAT allows threat actors to remotely interact with the system.
Chaos is a Go-based Swiss army knife of malware
Black Lotus Labs, the threat intelligence arm of Lumen Technologies, recently uncovered a multifunctional Go-based malware developed for Windows and Linux
ZuoRAT Hijacks SOHO Routers to Silently Stalk Networks
Black Lotus Labs, is currently tracking elements of what appears to be a sophisticated campaign leveraging infected SOHO routers to target predominantly NA and European networks of interest.
New HiatusRAT router malware covertly spies on victims - Lumen
Lumen Black Lotus Labs identified a new campaign involving compromised routers. HiatusRAT allows threat actors to remotely interact with the system.
Chaos is a Go-based Swiss army knife of malware
Black Lotus Labs, the threat intelligence arm of Lumen Technologies, recently uncovered a multifunctional Go-based malware developed for Windows and Linux
ZuoRAT Hijacks SOHO Routers to Silently Stalk Networks
Black Lotus Labs, is currently tracking elements of what appears to be a sophisticated campaign leveraging infected SOHO routers to target predominantly NA and European networks of interest.
ZuoRAT Hijacks SOHO Routers to Silently Stalk Networks
Black Lotus Labs, is currently tracking elements of what appears to be a sophisticated campaign leveraging infected SOHO routers to target predominantly NA and European networks of interest.