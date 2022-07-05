checkAd

SAM responds to ZuoRAT, the game changing attack that emphasizes the need for router protection

Tel Aviv, Israel (ots/PRNewswire) - ZuoRAT is a sophisticated multi-tier, router
fleet attack targeting home-office routers on an unprecedented scale, and is the
most significant widespread attack since Mirai in 2016. Help is on the way with
protection for routers and all devices connected to them by SAM

Following the announcement issued by Lumen Technologies' Black Lotus Labs on
6/29/2022, SAM Seamless Network, the global leader of security and intelligence
services for unmanaged networks and IoTs, today reveals the extent of the attack
and how to protect against it.

Yesterday Lumen research labs published a report outlining a widespread
cyber-attack for home and SOHO networks. These attacks were generated by a
well-organized group, possibly a state-sponsored organization, which
investigated and exploited several vulnerabilities found in routers. It affects
the hardware of well-known vendors such as Asus, Cisco, DrayTek and NETGEAR. The
list is not exhaustive and other routers may still be compromised. The evidence
gathered so far indicated that this group has been planning this attack scenario
for months.

ZuoRAT is a multi-tier attack infiltrating home and home-office consumer-grade
routers. Once in the network , it exploits vulnerabilities on all connected
computers and devices, making it possible for the attackers to commit a very
sophisticated attack using two of the most dangerous methods: Man-in-the-Middle
(https://securingsam.com/the-bogeyman-threat-of-iots-in-your-networks/) (MITM)
and Trojan Horse.

With MITM attacks, routers and IoTs in unmanaged networks could be leveraged by
perpetrators to position themselves in a conversation between a user and an
application. This can allow access to a user's credentials, bank accounts,
social media accounts, an employer's VPN, browsing history, personal preferences
and essentially any online activity that is transmitted via the router.

Essentially, once attackers have gained access to the router they have
visibility to everything on the network. The second stage will then be to
infiltrate an organization using the injection of a RAT (Remote Access Trojan)
onto a PC, providing the attackers complete freedom to act as they wish and
gather all information on the network, including traffic and all existing
vulnerabilities - this is all typically the first step in a widespread attack.

Everyone using the compromised home network is at risk. This attack is aimed at
consumers (https://securingsam.com/how-to-secure-home-wifi-networks/) and SOHO (
https://securingsam.com/why-is-protecting-micro-businesses-from-cyberattacks-imp
ortant-for-telcos/) businesses, but there could also be implications for
