Oh great, new malware lets hackers hijack your Wi-Fi router

By Nathan Drescher Published June 30, 2022

As if you didn’t already have enough to worry about, a new report finds hackers are targeting home Wi-Fi routers to gain access to all your connected devices.

The report comes from Black Lotus Lab, a security division of Lumen Technologies. The report details several observed real-world attacks on small home/home office (SOHO) routers since 2020 when millions of people began working from home at the start of the COVID 19 pandemic.

a faceless hacker in a black hoodie in front of a computer screen with lines of code on it — DigitalTrends.com

According to Black Lotus Lab, the attackers use Remote Access Trojans (RATs) to hijack a home’s router. The trojans use a new malware strain called zuoRAT to gain access and then deploy inside the router. Once deployed, the RATs allow attackers to upload and download files to all the connected devices on the home or office network.

Recommended Videos

“The rapid shift to remote work in spring of 2020 presented a fresh opportunity for threat actors to subvert traditional defense-in-depth protections by targeting the weakest points of the new network perimeter — small office/home office (SOHO) routers.” Lumen Technologies said in a blog post. “Actors can leverage SOHO router access to maintain a low-detection presence on the target network.”

ZuoRAT is resistant to attempts to sandbox it for further study. It attempts to contact several public servers when it first deploys. If it doesn’t receive any response, it assumes it has been sandboxed and deletes itself.

The malware is incredibly sophisticated, and Lumen Technologies believes it may originate from a nation-state actor, not rogue hackers. This means a government with a lot of resources could be targeting SOHO routers in North America and Europe.

ZuoRAT gains remote access to SOHO routers. It is constantly scanning networks for vulnerable routers and attacks if one is located.

Once the trojans are in, there’s no limit to the damage they can do. So far, they’ve been content with stealing data — personal identifiable information (PII), financial information, and normally secure business or corporate information. However, the ability is there for threat actors to deploy other malware once they’ve gained access.

Blue Lotus Lab was able to trace one of the zuoRAT viruses to servers in China. Other than that, little is known about the origins of the malware.

Most common household routers seem to be vulnerable, including Cisco, Netgear, and ASUS. The best way to protect against a zuoRAT infection is to regularly reboot your home router. The virus cannot survive a reboot, which wipes the router and restores it to its factory settings.

Nathan Drescher

Former Computing Writer

Nathan Drescher is a freelance journalist and writer from Ottawa, Canada. He's been writing about technology from around the…

Topics

Computing

It just got a lot easier to control a Windows 11 PC with your Android phone

Android smartphones now act as a multipurpose remote control for Windows 11 devices, offering instant locking, seamless file transfers, shared clipboard access, and easy screen mirroring.

microsoft-Phone-Link-app-windows-11

Microsoft has rolled out a significant upgrade to its Phone Link system and the "Link To Windows" app for Android, improving cross-platform connectivity with Windows 11. First and foremost, there's a new "Lock PC" toggle that lets you lock your Windows device remotely from your smartphone (provided the devices are connected).

According to a new report by Windows Latest, locking a Windows 11 PC from an Android phone takes a couple of seconds. Once unlocked, the PC reconnects to your phone. Besides that, the app also gets a "Recent Activity" feed that shows file transfers and clipboard history shared between the devices. There's a dashboard of the recent cross-device transactions.

Computing

AI chatbots like ChatGPT can copy human traits and experts say it’s a huge risk

AI that sounds human can manipulate users

phone-showing-ai-chatbots

AI agents are getting better at sounding human, but new research suggests they are doing more than just copying our words. According to a recent study, popular AI models like ChatGPT can consistently mimic human personality traits. Researchers say this ability comes with serious risks, especially as questions around AI reliability and accuracy grow.

Researchers from the University of Cambridge and Google DeepMind have developed what they call the first scientifically validated personality test framework for AI chatbots, using the same psychological tools designed to measure human personality (via TechXplore).

Computing

This advanced modular robot is ideal for Mars missions, its maker says

Swap out the parts to make different kinds of robots.

The Tron 2 robot.

LimX Dynamics is doing some fascinating work in the robotics arena. Four months after impressing us with its talented Oli humanoid robot, the three-year-old tech startup has just unveiled Tron 2, which, as its name cleverly suggests, is the follow-up to Tron 1.

Going by the video (top) released by LimX on Thursday, Tron 2 is an advanced, AI-powered modular humanoid robot featuring remarkable strength and movement.