router with a code red color and matrix to signify malware
June 29, 2022
Cyber Security

A number of SOHO routers are under attack by new Malware

What is this "New Malware"?

The new kid in town does not seem to be that new. This particular malware goes by the name of "ZuoRat", and reportedly has been in circulation since 2020. Around this time is when Working from Home really took off, and office buildings were abandoned in favor of cozy home offices, company from pets, and pajamas all day long. Unfortunately, malicious cyber folk wait for no one, and they wasted no time crafting a new kind of malware with the sole purpose of infecting SOHO routers (Small Office, Home Office). This malware allows for the attackers to collect data that is in transit, hijack connections that are taking place, and also compromises devices that are on adjacent networks to the infected router!

While big corporation networks and internet systems have plenty of security in place, smaller offices and personal office often lack these security measures, which is why these networks were such easy prey for this particular piece of malware. While we do not know the particular details down to the models of routers that can be at risk, there is a list of company's from which routers have been found to be compromised. The list goes as follows: ‍

According to researchers over at Black Lotus Labs who were the ones to initially discover this malware in their testing, the perpetrator behind this whole operation seems to be very sophisticated and meticulous when it comes to their work. This malware was able to work undetected for the better part of two years now, and covers its tracks as it slowly goes around gathering data from networks. ‍

What can I do if this malware is found on my router?

Fortunately for you, and unfortunately for the malware and assailant, this malware can be cleared from your router by a simple factory reset. Methods for a factory reset vary from different makes and models of routers, so we have included some guides to resetting routers from the manufacturers that were listed in this article. Something of note, when you factory reset your router, your SSID and Password will also be reset back to their default values, prompting you to update them again within the router settings. ‍

Reset for: Cisco Routers

Reset for: NETGEAR Routers

Reset for: Asus Routers

Reset for: DrayTek Routers

Be on the lookout for news from your router company, checking every so often for new updates that can be sent over the air to your router. As this is a new kind of malware, company's are still working to figure out which of their devices may be compromised, and what they can do to stop the further attacks from this malware. To read more about this malware attack to get even more detailed information, be sure to click the links at the bottom of the article. Be safe out there in the cyber world! ‍

Sources:

https://arstechnica.com/information-technology/2022/06/a-wide-range-of-routers-are-under-attack-by-new-unusually-sophisticated-malware/

https://www.bleepingcomputer.com/news/security/new-zuorat-malware-targets-soho-routers-in-north-america-europe/

Jake Sagan

MORE CYBER NEWS

Phone with Google Chrome's welcome page settings

Google patches major zero-day vulnerability flaw

July 5, 2022

A zero-day vulnerability has been patched by Google, and should be reaching you shortly.

Cyber Security
Phone laying on black red surface showing Google Chrome logo on screen

Google and iFixit partnership officially live

July 5, 2022

An announcement that was made a few months ago joining iFixit and Google together to sell OEM parts on iFixit's online store is finally live.

Mobile Devices
Man in front of laptop holding his glasses and clutching bridge of nose in frustration

Home office hacks to improve your working from home experience!

July 1, 2022

Working from home has taken the world by storm, and not exactly by choice. Here are a few tips and items that can help improve your work from home experience, as we know that not everyone has the system completely nailed down.

Misc.