Worldwide, several hacked Cisco routers discovered that the firmware was modified so that the attackers held permanent access to the network. That leaves the US security firm FireEye know. Recently warned even though Cisco for attacks through custom firmware.
The routers are detected hacked custom firmware in Ukraine, Philippines, Mexico and India. It involves a total of 14 devices. How the attackers access to the routers were able to get is unknown, but according to FireEye is probably not using a zero day attack. "It is believed that were the default login data set or to be discovered by the attacker to install the backdoor," said the security guard. The router would be an ideal target for further attacks because of its position in the network.
Once active it can through the backdoor different modules are placed on the router. For now goes to the Cisco 1841, 2811 and 3825 routers, but FireEye warns that other models are or will be attacked. Also expects the security guard that this attack method popular among attackers will be. Because the firmware is updated, the attackers retain, maintain access to the router, even though the device will restart. In addition, to detect the custom router-firmware difficult.
No comments:
Post a Comment