Mystery malware destroys 600,000 routers
“Mystery”
The actor took deliberate steps to cover their tracks by using commodity malware known as Chalubo, rather than a custom-developed toolkit. A feature built into Chalubo allowed the actor to execute custom Luascripts on the infected devices. The researchers believe the malware downloaded and ran code that permanently overwrote the router firmware.
So… not a “mystery.”
Proper headline: “ Commodity malware known as Chalubo infected 600k routers from the ISP Windstream. “
As someone who works with 100Gbps networking:
- why the heck do these routers run Lua of all things???
It’s possible the “mystery” they refer to could be related to the identity of the hacker(s), how it got onto the routers in the first place, or the purpose for the attack
The headline reads: “Mystery malware … “
Not sure what you’re on about.
With no clear idea how the routers came to be infected…
You posses extremely niche knowledge. Being catty because the headline doesn’t suit your preferences comes off as fairly rude and pretentious. Good for you for understanding that the headline is misleading, but there are more relatable ways to say that.
Basic reading comprehension shouldn’t be considered extremely niche knowledge
English aint Lojban, if you know what I mean.
Oh shit, I use Windstream, this explains a lot about why they were so busy replacing everyones routers down here. I had assumed it was just a defective design since they used all the same units for every network, but it was actually malware, wild
One day last October, subscribers to an ISP known as Windstream
In case anyone only reads the headline
