Tel Aviv, Israel (ots/PRNewswire) - ZuoRAT is a sophisticated multi-tier, router fleet attack targeting home-office routers on an unprecedented scale, and is the most significant widespread attack since Mirai in 2016. Help is on the way with protection for routers and all devices connected to them by SAM



Following the announcement issued by Lumen Technologies' Black Lotus Labs on 6/29/2022, SAM Seamless Network, the global leader of security and intelligence services for unmanaged networks and IoTs, today reveals the extent of the attack and how to protect against it.






Yesterday Lumen research labs published a report outlining a widespread cyber-attack on home and SOHO networks. These attacks were generated by a well-organized group, possibly a state-sponsored organization, which investigated and exploited several vulnerabilities found in routers. It affects the hardware of well-known vendors such as Asus, Cisco, DrayTek and NETGEAR. The list is not exhaustive and other routers may still be compromised. The evidence gathered so far indicated that this group has been planning this attack scenario for months.

ZuoRAT is a multi-tier attack infiltrating home and home-office consumer-grade routers. Once in the network, it exploits vulnerabilities on all connected computers and devices, making it possible for the attackers to commit a very sophisticated attack using two of the most dangerous methods: Man-in-the-Middle (https://securingsam.com/the-bogeyman-threat-of-iots-in-your-networks/) (MITM) and Trojan Horse.

With MITM attacks, routers and IoTs in unmanaged networks could be leveraged by perpetrators to position themselves in a conversation between a user and an application. This can allow access to a user's credentials, bank accounts, social media accounts, an employer's VPN, browsing history, personal preferences and essentially any online activity that is transmitted via the router. Essentially, once attackers have gained access to the router they have visibility into everything on the network. The second stage will then be to infiltrate an organization using the injection of a RAT (Remote Access Trojan) onto a PC, providing the attackers complete freedom to act as they wish and gather all information on the network, including traffic and all existing vulnerabilities - this is all typically the first step in a widespread attack. Everyone using the compromised home network is at risk.

This attack is aimed at consumers (https://securingsam.com/how-to-secure-home-wifi-networks/) and SOHO (https://securingsam.com/why-is-protecting-micro-businesses-from-cyberattacks-important-for-telcos/) businesses, but there could also be implications for