views
If you have an internet router that is not up to date or obsolete, you may want to be careful—as a new report claims that Chinese hackers are targeting them to install backdoor malware to compromise networks.
As reported by Check Point Research, a hacker group named ‘Camaro Dragon’ is implanting TP-Link routers with harmful software—including a backdoor named ‘Horse Shell.’ This backdoor agent can give full control of the infected device to the hackers—as it remains undetected—and continues to access compromised networks.
The attacks are reportedly being carried out against European foreign affairs entities and it is said that the attacks are “Chinese state-sponsored."
Per the report, bigger, more ambitious attacks are carried out using the router implants. “Router implants are often installed on arbitrary devices with no particular interest, with the aim to create a chain of nodes between the main infections and real command and control," the report said.
Simply put, hackers are infecting routers to establish a framework—which will facilitate a ‘larger goal.’
However, it is currently not certain how the hackers got access to TP-Link devices and infect them with malicious implants—but it could be possible that the hackers got access by deliberately scanning them for already known vulnerabilities or targeting devices with weak passwords.
Further, the attacks are not just limited to TP-Link routers, but products from other vendors are also susceptible. Ergo, always choose strong passwords, update your devices to the latest available software, and also update your routers—as manufacturers may have released patches to address vulnerabilities.
Comments
0 comment