Tuesday, March 19, 2024

Massive Cyber Attack Across the World Against ISPs & Data Centres: More than 200,000 Cisco Switches Hacked

Biggest Hackers Group Performing Massive Cyber attack against internet service providers, and data centers around the world by compromising Cisco switches.

Hackers compromised more than 200,000 Cisco devices across the world in this widespread attack, including 3,500 switches in Iran country.

A recently discovered  Remote Code Execution flaw that affected the Cisco switches  Smart Install Client allows an attacker to gain full control of the Vulnerable Cisco switch deployed networks.

Iranian & Russian countries are mainly affected and hackers have left the image of a U.S. flag on screens that also contains a warning message: “Don’t mess with our elections”

This Cyber Attack initially hit the Internet service providers and stop the web access for subscribers by exploiting the vulnerability in Cisco switches that contains a critical Remote code execution Flaw.

This Attack was initiated by an unknown threat actor that is exploiting a vulnerability in a piece of software called Cisco Smart Install Client, which allows them to run arbitrary code and this leads the attacker to reset the vulnerable Cisco Switches to its default configuration.

Based on the Cisco investigation using Shodan and they were identified more than 168,000 systems have already been successfully exploited and another investigation made by Tenable Security revealed 251,000 exposed Cisco Smart Install Clients around the world.

According to Motherboard Report, The hackers said they did scan many countries for vulnerable systems, including the UK, US, and Canada, but only “attacked” Russia and Iran, perhaps referring to the post of an American flag and their message.

Iran’s IT Minister Mohammad Javad Azari-Jahromi posted a picture of a computer screen on Twitter with the image of the U.S. flag and the hackers’ message.

He said it was not yet clear who had carried out the Cyber Attack.

He said in another Tweet, “Approximately 3,500 routers come from a total of hundreds of thousands of nationwide network routers affected by the Cyber Attack.The performance of companies has been evaluated in repelling and restoring normal conditions. Weakness in informing the skilled center to companies and the weakness in the configuration of data centers have been”

Based on the Reuters Statment, This Cyber Attack mainly affected  Europe, India and the United States, in this case, Some 55,000 devices were affected in the United States and 14,000 in China.

Website

Latest articles

How ANY.RUN Malware Sandbox Process IOCs for Threat Intelligence Lookup?

The database includes indicators of compromise (IOCs) and relationships between different artifacts observed within...

CryptoWire Ransomware Attacking Abuses Schedule Task To maintain Persistence

AhnLab security researchers detected a resurgence of CryptoWire, a ransomware strain originally prevalent in...

E-Root Admin Sentenced to 42 Months in Prison for Selling 350,000 Credentials

Tampa, FL – In a significant crackdown on cybercrime, Sandu Boris Diaconu, a 31-year-old...

WhiteSnake Stealer Checks for Mutex & VM Function Before Execution

A new variant of the WhiteSnake Stealer, a formidable malware that has been updated...

Researchers Hacked AI Assistants Using ASCII Art

Large language models (LLMs) are vulnerable to attacks, leveraging their inability to recognize prompts...

Microsoft Deprecate 1024-bit RSA Encryption Keys in Windows

Microsoft has announced an important update for Windows users worldwide in a continuous effort...

Beware Of Free wedding Invite WhatsApp Scam That Steal Sensitive Data

The ongoing "free wedding invite" scam is one of several innovative campaigns aimed at...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles