“If a business is using one of these routers, they will attack for their own infrastructure,” said David Shipley of Beauceron Security. “It’s very likely that this will be a small business without a firewall, which could lead to something like ransomware attacks.”
Hackers can confuse their location and gain administrative access
FLASH Advisory, released to quickly spread information about critical cybersecurity issues to security teams and system administrators, explicitly convening 13 Linksys, Cradlepoint and Cisco models are often hijacked. These include:
- Linksys E1200, E2500, E1000, E4200, E1500, E300, E3200, E1550, WRT320N, WRT310N, WRT610N
- Cradlepoint E100
- Cisco M10
According to the FBI, threat actors, especially those sponsored by China, are successfully exploiting known vulnerabilities in known routers through pre-installed remote management software. They then install malware, set up a botnet, sell proxy services, or initiate coordinated attacks.
