Mystery malware destroys 600,000 routers from a single ISP during 72-hour span
An unknown threat actor with equally unknown motives forces ISP to replace routers.
You're viewing a single thread.
It’s possible the “mystery” they refer to could be related to the identity of the hacker(s), how it got onto the routers in the first place, or the purpose for the attack
With no clear idea how the routers came to be infected…
You posses extremely niche knowledge. Being catty because the headline doesn't suit your preferences comes off as fairly rude and pretentious. Good for you for understanding that the headline is misleading, but there are more relatable ways to say that.
Basic reading comprehension shouldn't be considered extremely niche knowledge
Ah so you're just kind of rude, cool.
English aint Lojban, if you know what I mean.
"mystery malware"
The article clarifies the name of the malware.
Clickbait BS. Why are you being disingenuous?
Your reply reads to me as if you’re calling me disingenuous, which I can’t for the life of me understand. I’m not the author. I offered a possible explanation.
As someone who works with 100Gbps networking:
OpenWRT uses Lua for its web UI. The interpreter can be really small which works well for tiny embedded devices with mere megabytes of storage, and it's much safer than writing a web GUI entirely in C.
Yeah I completely forgot about the consumer side of things. I was expecting there being Cisco iOS/FRR router configs, not a full web dashboard.
I imagine the malware binary includes a lua interpreter for executing scripts fetched from its command and control server.
