A recent investigation by Black Lotus Labs team at Lumen Technologies has revealed a concerning trend in cybercriminal activity targeting end-of-life (EoL) routers and IoT devices. The research sheds light on a sophisticated campaign utilising updated malware known as TheMoon, which has quietly grown to infect over 40,000 devices across 88 countries by early 2024.
The primary target of this campaign appears to be small home and small office routers, which are often overlooked when it comes to security updates. Unlike desktop and server computing, where automatic updates are the norm, many IoT devices lack this crucial feature. This oversight leaves them vulnerable to exploitation by cybercriminals.
One of the key findings of the investigation is the emergence of a malicious proxy service called Faceless, which offers anonymity services to cybercriminals for a minimal fee. By routing their traffic through compromised devices, malicious actors can conceal their true origins, making it difficult for law enforcement to track their activities.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: