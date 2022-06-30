ContributorsPublishersAdvertisers
‘Highly sophisticated’ hackers take over your PC by secretly attacking your WiFi router – how to stay safe

By Jamie Harris
 3 days ago
HIGHLY sophisticated hackers have found a way to take control of people's computers through their router - and it's been happening for years.

Experts claim it could infect some routers made by the likes of Asus, Cisco, DrayTek and Netgear.

A number of household routers could be susceptible Credit: Getty

Lumen Technologies believe it's been "living undetected on the edge of targeted networks for years".

And they suspect a nation state is behind it due to the complexity and scale.

Attacks on WiFi routers are nothing new.

But the use of two particular techniques in this campaign suggests the hackers behind it have a "high level of sophistication".

And with so many people regularly working from home after Covid-19, experts have even more reason to be concerned.

The malware - dubbed ZuoRAT - is able attack routers, before taking network information that allows hackers to access Windows, macOS, and Linux machines.

There are four pieces of malware involved in total.

Researchers warn that those behind it have intentionally made it complex to hide what they're up to.

But thankfully there is a way to avoid falling victim if you've not already infected.

"Users should follow best practices of regularly rebooting routers and installing security updates and patches," experts recommend.

"The rapid shift to remote work in spring of 2020 presented a fresh opportunity for threat actors to subvert traditional defense-in-depth protections by targeting the weakest points of the new network perimeter — devices which are routinely purchased by consumers but rarely monitored or patched — small office/home office (SOHO) routers.

"Actors can leverage SOHO router access to maintain a low-detection presence on the target network and exploit sensitive information transiting the LAN (local area network)."

KHERCP Silhouette of man in the hood, dark mysterious man hoodie, murderer, hacker, anonymus on the black background with free space Credit: Alamy
