Ongoing malware campaign targeting small business routers

Illustration: Annelise Capossela/Axios

Researchers have uncovered an ongoing, monthslong malware campaign that’s targeting and stealing data from pharmaceutical, IT services and consulting firms through their internet routers.

Driving the news: Researchers at Lumen Technologies released a blog post Monday detailing the malware campaign, dubbed HiatusRAT, which started in July and has already affected at least 100 businesses across Europe, North America and Latin America.

The attackers are targeting end-of-life DrayTek Vigor router models 2960 and 3900, which are popular with small to midsized businesses and allow users to remotely connect to corporate networks.

As of mid-February, roughly 4,100 machines were still vulnerable to the attack, according to the researchers.

The big picture: Internet routers have always been a ripe target of hackers given their insecure designs and the amount of data that flows through them. The risk jumped during the pandemic as workers relied more heavily on their at-home routers to connect to corporate networks.

Details: Researchers believe hackers are seizing the routers as part of a long-term espionage and data exfiltration operation, although it remains unclear who is behind the campaign. The HiatusRAT malware intercepts any data that passes through its systems and sends it to the hackers. […]
