Oh great, new malware lets hackers hijack your Wi-Fi router


As if you didn’t already have enough to worry about, a new report finds hackers are targeting home Wi-Fi routers to gain access to all your connected devices.

The report comes from Black Lotus Labs, a security division of Lumen Technologies. It details several observed real-world attacks on small office/home office (SOHO) routers since 2020, when millions of people began working from home at the start of the COVID-19 pandemic.


According to Black Lotus Labs, the attackers use Remote Access Trojans (RATs) to hijack a home’s router. The trojans use a new malware strain called ZuoRAT to gain access and then deploy inside the router. Once deployed, the RATs allow attackers to upload and download files to all the connected devices on the home or office network.


“The rapid shift to remote work in spring of 2020 presented a fresh opportunity for threat actors to subvert traditional defense-in-depth protections by targeting the weakest points of the new network perimeter — small office/home office (SOHO) routers,” Lumen Technologies said in a blog post. “Actors can leverage SOHO router access to maintain a low-detection presence on the target network.”

ZuoRAT is resistant to attempts to sandbox it for further study. It attempts to contact several public servers when it first deploys. If it doesn’t receive any response, it assumes it has been sandboxed and deletes itself.

The malware is incredibly sophisticated, and Lumen Technologies believes it may originate from a nation-state actor, not rogue hackers. This means a government with a lot of resources could be targeting SOHO routers in North America and Europe.

ZuoRAT gains remote access to SOHO routers. It is constantly scanning networks for vulnerable routers and attacks if one is located.

Once the trojans are in, there’s no limit to the damage they can do. So far, they’ve been content with stealing data — personally identifiable information (PII), financial information, and normally secure business or corporate information. However, the ability is there for threat actors to deploy other malware once they’ve gained access.

Black Lotus Labs was able to trace one of the ZuoRAT viruses to servers in China. Other than that, little is known about the origins of the malware.

Most common household routers seem to be vulnerable, including Cisco, Netgear, and ASUS. The best way to protect against a ZuoRAT infection is to regularly reboot your home router. The virus cannot survive a reboot, which wipes the router and restores it to its factory settings.

Nathan Drescher
Former Computing Writer