All articles tagged with #black lotus labs
A cyberattack last year disabled over 600,000 internet routers across several Midwest states, with new research identifying the malware as "Chalubo." The attack targeted ActionTec routers, and the affected ISP is believed to be Windstream. The incident was not disclosed at the time, and the exact method of the attack remains unclear. Black Lotus Labs recommends securing management devices and avoiding basic security weaknesses.
A new variant of TheMoon malware has infected 6,000 ASUS routers in 72 hours, linking them to the Faceless proxy service used by cybercriminals for anonymizing malicious activities. The malware targets end-of-life ASUS routers, likely exploiting known vulnerabilities or weak credentials to gain access. Once infected, the routers are used as proxies to route traffic for cybercriminals. To defend against these botnets, users are advised to use strong admin passwords, upgrade firmware, and replace end-of-life devices with actively supported models.