HairyLeg
ULTIMATE Member
This one is for @JSHarris
CISA Report here:
Summary report from The Register
www.theregister.com
Update:
Here's Cisco's version
sec.cloudapps.cisco.com
Worryingly there are no mitigations yet posted and radio silence on the other router manufacturers affected by the compromise.
Update 2:
Arstechnica hot take
arstechnica.com
What is stunning is CISA claim the hackers are swapping out the complete router firmware, while Cisco claim that's not possible.. somebody is not being truthful.
CISA Report here:
Summary report from The Register
Routers have been rooted by Chinese spies US and Japan warn
BlackTech crew looking to steal sensitive data traffic
Update:
Here's Cisco's version
Cisco Security Advisory: Reports about Cyber Actors Hiding in Router Firmware
On September 27, 2023, the U.S. National Security Agency (NSA), the U.S. Federal Bureau of Investigation (FBI), the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Japan National Police Agency (NPA), and the Japan National Center of Incident Readiness and Strategy for...
Worryingly there are no mitigations yet posted and radio silence on the other router manufacturers affected by the compromise.
Update 2:
Arstechnica hot take
Backdoored firmware lets China state hackers control routers with “magic packets”
The modified firmware used by BlackTech is hard to detect.
What is stunning is CISA claim the hackers are swapping out the complete router firmware, while Cisco claim that's not possible.. somebody is not being truthful.
Last edited:























