Tuesday, April 16, 2024

Massive Cyber Attack Across the World Against ISPs & Data Centres: More than 200,000 Cisco Switches Hacked

Biggest Hackers Group Performing Massive Cyber attack against internet service providers, and data centers around the world by compromising Cisco switches.

Hackers compromised more than 200,000 Cisco devices across the world in this widespread attack, including 3,500 switches in Iran country.

A recently discovered  Remote Code Execution flaw that affected the Cisco switches  Smart Install Client allows an attacker to gain full control of the Vulnerable Cisco switch deployed networks.

Iranian & Russian countries are mainly affected and hackers have left the image of a U.S. flag on screens that also contains a warning message: “Don’t mess with our elections”

This Cyber Attack initially hit the Internet service providers and stop the web access for subscribers by exploiting the vulnerability in Cisco switches that contains a critical Remote code execution Flaw.

This Attack was initiated by an unknown threat actor that is exploiting a vulnerability in a piece of software called Cisco Smart Install Client, which allows them to run arbitrary code and this leads the attacker to reset the vulnerable Cisco Switches to its default configuration.

Based on the Cisco investigation using Shodan and they were identified more than 168,000 systems have already been successfully exploited and another investigation made by Tenable Security revealed 251,000 exposed Cisco Smart Install Clients around the world.

According to Motherboard Report, The hackers said they did scan many countries for vulnerable systems, including the UK, US, and Canada, but only “attacked” Russia and Iran, perhaps referring to the post of an American flag and their message.

Iran’s IT Minister Mohammad Javad Azari-Jahromi posted a picture of a computer screen on Twitter with the image of the U.S. flag and the hackers’ message.

He said it was not yet clear who had carried out the Cyber Attack.

He said in another Tweet, “Approximately 3,500 routers come from a total of hundreds of thousands of nationwide network routers affected by the Cyber Attack.The performance of companies has been evaluated in repelling and restoring normal conditions. Weakness in informing the skilled center to companies and the weakness in the configuration of data centers have been”

Based on the Reuters Statment, This Cyber Attack mainly affected  Europe, India and the United States, in this case, Some 55,000 devices were affected in the United States and 14,000 in China.


Latest articles

Hacker Customize LockBit 3.0 Ransomware to Attack Orgs Worldwide

Cybersecurity researchers at Kaspersky have uncovered evidence that cybercriminal groups are customizing the virulent...

Microsoft .NET, .NET Framework, & Visual Studio Vulnerable To RCE Attacks

A new remote code execution vulnerability has been identified to be affecting multiple Microsoft...

LightSpy Hackers Indian Apple Device Users to Steal Sensitive Data

The revival of the LightSpy malware campaign has been observed, focusing on Indian Apple...

LightSpy Malware Attacking Android and iOS Users

A new malware known as LightSpy has been targeting Android and iOS users.This sophisticated...

This Startup Aims To Simplify End-to-End Cybersecurity, So Anyone Can Do It

The Web3 movement is going from strength to strength with every day that passes....

Alert! Palo Alto RCE Zero-day Vulnerability Actively Exploited in the Wild

In a recent security bulletin, Palo Alto Networks disclosed a critical vulnerability in its...

6-year-old Lighttpd Flaw Impacts Intel And Lenovo Servers

The software supply chain is filled with various challenges, such as untracked security vulnerabilities...
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Top 3 SME Attack Vectors

Securing the Top 3 SME Attack Vectors

Cybercriminals are laying siege to small-to-medium enterprises (SMEs) across sectors. 73% of SMEs know they were breached in 2023. The real rate could be closer to 100%.

  • Stolen credentials
  • Phishing
  • Exploitation of vulnerabilities

Related Articles