ZuoRAT: The New Spyware That's Infiltrating Home-Office Routers
Updated: Aug 11, 2022
As work from home has become the norm for many people worldwide, hacks have taken notice. A new cutting-edge "remote access trojan dubbed ZuoRAT" is the latest malware to hit remote workers in North America and Europe by storm.
What ZuoRat does is it allows the hacker access to the user's network and gives them the power to hijack all communications that enter the LAN without being detected. Researchers from Lumen Black Lotus Labs cracked this case wide open and are working to educate remote workers everywhere.
Mainly targeting routers from ASUS, Cisco, DrayTek, and NETGEAR, it seems this campaign began back in 2020, right when the global pandemic was ramping up, and lockdowns were happening everywhere lying undetected for over two whole years.
Lumen Black Lotus Labs states, "Consumers and remote employees routinely use SOHO (small office/home office) routers, but these devices are rarely monitored or patched, making them one of the weakest points of a network's perimeter."
How this cyberattack operates is that access is through the router, which the malware scans the areas that show weak points. From there, it enters and begins to work away. This malware allows the hacker to keep tabs on the user's internet activity and follow their patterns, just observing in the background.
Hungry for more? Join me each week, where I'll break down complex topics and dissect the latest news within the cybersecurity industry and blockchain ecosystem, simplifying the world of tech.