top of page
  • Writer's pictureMichael Paulyn

ZuoRAT: The New Spyware That's Infiltrating Home-Office Routers

Updated: Oct 21, 2023

As working from home has become the norm for many people worldwide, hacks have taken notice. A new cutting-edge "remote access trojan dubbed ZuoRAT" is the latest malware to hit remote workers in North America and Europe by storm.

ZuoRat allows the hacker access to the user's network and gives them the power to hijack all communications that enter the LAN without being detected. Researchers from Lumen Black Lotus Labs cracked this case open and are working to educate remote workers everywhere.

Mainly targeting routers from ASUS, Cisco, Draytek, and NETGEAR, this campaign began in 2020, right when the global pandemic was ramping up, and lockdowns were happening everywhere, lying undetected for over two years.

Lumen Black Lotus Labs states, "Consumers and remote employees routinely use SOHO (small office/home office) routers, but these devices are rarely monitored or patched, making them one of the weakest points of a network's perimeter."

This cyberattack operates because access is through the router, which the malware scans the areas that show weak points. From there, it enters and begins to work away. This malware allows the hacker to keep tabs on the user's internet activity and follow their patterns, just observing in the background.

Hungry for more? Join me each week, where I'll break down complex topics and dissect the latest news within the cybersecurity industry and blockchain ecosystem, simplifying the world of tech.

6 views0 comments


bottom of page