Fortune 500 firms are the target for a hacker who is using a new variant of the RouteX malware to infect Netgear routers. The malware hijacks vulnerable routers and turns them into SOCKS proxies, which the attacker then leverages in further attacks involving “credential stuffing against Fortune 500 companies”. Researchers at US-based cybersecurity firm Forkbombus Labs, who uncovered the attacks, said that their analysis into the attacks led them to the discovery that the RouteX malware was linked to the Links malware, which they deem RouteX’s predecessor. The researchers also said that the hacker is exploiting a particular vulnerability that affects the web server included with Netgear WNR routers, which was disclosed last year.
View Full Story
ORIGINAL SOURCE: IB Times UK