Backdoored firmware lets China state hackers control routers with “magic packets”::The modified firmware used by BlackTech is hard to detect.

  • @[email protected]
    link
    fedilink
    English
    121 year ago

    In an advisory of its own, Cisco said the threat actors are compromising the devices after acquiring administrative credentials and that there’s no indication they are exploiting vulnerabilities.

    If they aren’t exploiting vulnerabilities (and this is all because of mishandling of admin creds) then why are only Cisco routers being targeted?

    • @Darkard
      link
      English
      141 year ago

      They are loadi g in modified firmware apparently. Will be specific to Cisco hardware.

      It’s all kinda irrelevant though. If they managed to figure out your weak ass admin creds and you left your router open to access with no ACLs then installing some sneaky firmware is the least of your worries

      • @[email protected]
        link
        fedilink
        English
        21 year ago

        True, I wonder how many of these admin creds were on internal wikis or something like user: admin password: admin123