In October 2023, Black Lotus Labs experts identified nearly 600 thousand client routers of the American Internet provider Windstream that were hacked in just three days. Details of this event appeared On the Black Lotus Labs blog at the end of May.
It is stated that approximately 600 thousand Wi-Fi routers, which constitute 49% of all Windstream network devices, are infected with the virus. The main routers affected were ActionTec T3200 and T3260, as well as Sagemcom devices.
According to experts, the event called the Pumpkin Eclipse occurred between October 25 and October 27. Despite the extent of the failure, the American provider has not officially acknowledged problems in the operation of its services. Users reported that the company fixed the problem by replacing the damaged equipment.
Cybersecurity experts revealed that the cause of the failure was a malicious firmware package that removed key parts of the routers’ working code. The malware was identified as Chalubo, a remote access Trojan. The firmware’s distribution method is unknown, but it is suspected of exploiting vulnerabilities, weak credentials, or access to administrative tools.
The incident left many customers unable to use their home phones and temporarily disconnected from the outside world, especially in remote areas. The attackers, whose motives were never disclosed, were able to hide their tracks and use Chalubo to run their own Lua scripts on infected devices, making it impossible for users to recover the firmware.
Previously in the USA arrested Dangerous Chinese hacker.
What are you thinking?
Source: Gazeta
Jackson Ruhl is a tech and sci-fi expert, who writes for “Social Bites”. He brings his readers the latest news and developments from the world of technology and science fiction.