Monday 21 September 2015

Cisco Scans The Internet On Hacked Routers


Cisco has teamed up with the Shadow Server Foundation the past few days the Internet scans on hacked Cisco routers, which eventually yielded 199 suspicious IP addresses. Recently warned both Cisco and security for the SYNFUL Knock-malware.

Attackers appear to hack through stolen passwords or physical access Cisco routers and install a customized version of the operating system; the SYNFUL Knock-malware. Through the malware continue to keep the attackers access to the corporate network, even resetting the router. By scanning the Internet Cisco affected customers can now warn. The scan yielded 199 IP addresses that behavior that matches the SYNFUL Knock-malware.

The number of IP addresses varies, as found in a scan yesterday there 163 IP addresses. Perhaps the 'disappeared' 36 routers were cleaned or online. Most of the infected routers are located in the United States. It involves a total of 65 IP addresses. Remote tracking India (12), Russia (11) and Poland (9). Organizations are advised to identify hacked routers and the infection as quickly as possible to remove. Cisco recently published explanation how the infected routers can be found and cleaned up.

No comments:

Post a Comment