It is the security company Check Point Software that announces that its research department Check Point Research (CPR) has discovered what is claimed to be an ongoing attack against routers from the manufacturer TP-Link. According to the CPR, the attacks can be linked to a Chinese group known as Camaro Dragon.
Among other things, CPR has found what it calls Horse Shell, a backdoor that allows attackers to take full control of infected devices, remain undetected and access compromised networks.
It is not yet known how the affected routers could have been infected, but according to the CPR, it is likely that they used known vulnerabilities, or found their way to devices that use default passwords or weak and predictable passwords for authentication.
However, Mats Ekdahl, a security expert at Check Point Software, says that just because home routers have been infected does not mean that the router’s owner is the target. Instead, infected routers are used to create a chain of routers that will lead to the real target, but at the moment it is not possible to say what this target is.
Among the advice from CPR on how to protect yourself and your router is to always use the latest version of your router’s firmware, and never to use startup login names and passwords.
Source: Mobil by www.mobil.se.
*The article has been translated based on the content of Mobil by www.mobil.se. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!
*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.
*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!
