Older Netgear Routers Infected with Malware
Michael Patterson, CEO of Plixer, offered these observations.
“This is an example of a botnet using vulnerable Netgear routers to indiscriminately apply credential-stuffing brute-force tactics with stolen username and password credentials. When there is a successful login, the bad actor gains a foothold into the organization from which they can steal data or do damage. These small routers fall under the umbrella of the Internet of Things (IoT), and external LEDs on the devices or notifications would be helpful when they haven’t seen an update for a period of time. A hard stop – end of life (e.g., 3 years) on all IoT devices should also be considered. Every organization must understand that breaches are inevitable and systems like network traffic analytics are required for effective incident response and the forensic data required to understand what happened.”