Router Roulette: Cybercriminals and Nation-States Sharing Compromised Networks

NetmanageIT OpenCTI - opencti.netmanageit.com

Router Roulette: Cybercriminals and Nation-States Sharing Compromised Networks



SUMMARY :

TrendMicro highlights the dangers of internet-facing routers and elaborates on Pawn Storm's exploitation of EdgeRouters, complementing the FBI's advisory from February 27, 2024. Cybercriminals and nation-state actors share an interest in compromised routers used as an anonymization layer, with cybercriminals renting out compromised routers and nation-state threat actors like Pawn Storm and Sandworm using dedicated proxy botnets. The analysis focuses on a criminal botnet of Ubiquiti EdgeRouters, disrupted by the FBI in January 2024, which Pawn Storm accessed in April 2022 for persistent espionage campaigns.

OPENCTI LABELS :

espionage,botnet,cybercrime,proxy,routers,ngioweb,sshdoor


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Router Roulette: Cybercriminals and Nation-States Sharing Compromised Networks