Massive Cyber Attack Across the World Against ISPs & Data Centres: More than 200,000 Cisco Switches Hacked

Biggest Hackers Group Performing Massive Cyber attack against internet service providers, and data centers around the world by compromising Cisco switches.

Hackers compromised more than 200,000 Cisco devices across the world in this widespread attack, including 3,500 switches in Iran country.

A recently discovered  Remote Code Execution flaw that affected the Cisco switches  Smart Install Client allows an attacker to gain full control of the Vulnerable Cisco switch deployed networks.

Iranian & Russian countries are mainly affected and hackers have left the image of a U.S. flag on screens that also contains a warning message: “Don’t mess with our elections”

This Cyber Attack initially hit the Internet service providers and stop the web access for subscribers by exploiting the vulnerability in Cisco switches that contains a critical Remote code execution Flaw.

This Attack was initiated by an unknown threat actor that is exploiting a vulnerability in a piece of software called Cisco Smart Install Client, which allows them to run arbitrary code and this leads the attacker to reset the vulnerable Cisco Switches to its default configuration.

Based on the Cisco investigation using Shodan and they were identified more than 168,000 systems have already been successfully exploited and another investigation made by Tenable Security revealed 251,000 exposed Cisco Smart Install Clients around the world.

According to Motherboard Report, The hackers said they did scan many countries for vulnerable systems, including the UK, US, and Canada, but only “attacked” Russia and Iran, perhaps referring to the post of an American flag and their message.

Iran’s IT Minister Mohammad Javad Azari-Jahromi posted a picture of a computer screen on Twitter with the image of the U.S. flag and the hackers’ message.

He said it was not yet clear who had carried out the Cyber Attack.