ZuoRAT Malware Targets SOHO Routers To Infiltrate Networks

Share post:

Researchers from Lumen’s Black Lotus Labs threat intelligence unit have discovered a remote access trojan (RAT) called ZuoRAT. The malware targets remote employees by exploiting vulnerabilities in unpatched small office/home office (SOHO) routers.

The researchers estimate that at least 80 targets were affected by the campaign.

Lumen believes that the capabilities of the malware suggest that it was the work of a highly sophisticated actor.

These capabilities include “gaining access to SOHO devices of different makes and models, collecting host and LAN information to inform targeting, sampling and hijacking network communications to gain potentially persistent access to in-land devices, and intentionally stealth C2 infrastructure leveraging multistage siloed router to router communications.”

Lumen admits, however, that it has limited insight into the broader capabilities of the actor, but Lumen’s researchers are “confident” that the elements it is tracking are part of a broader campaign.

SOHO router manufacturers compromised include ASUS, Cisco, DrayTek, and Netgear.

The sources for this piece include an article in ZDNet.

Featured Tech Jobs


Related articles

Cyber Security Today, April 24, 2024 – Good news/bad news in Mandiant report, UnitedHealth admits paying a ransomware gang, and more

This episode reports on the danger of using expired open-source packages, a tool used by a Russian hacking group and passw

Google leader gives a tough message to employees

Google's search chief, Prabhakar Raghavan, delivered a powerful message to employees at a recent all-hands meeting: the tech...

Silicon Valley tech founder sentenced to prison for fraud

In a significant shake-up in Silicon Valley, Manish Lachwani, co-founder and former CEO of the mobile app-testing company...

Google Play introduces new biometric verification with a user warning

Google has recently announced updates to the biometric verification process for Google Play purchases, aiming to bolster security...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways