New Delhi: A malware called ZuoRAT is being used by hackers to gain access to the devices connected to a Wi-Fi router. For the unversed, a Wi-Fi router is a simple device that is used to provide wireless internet connectivity to devices such as laptops and mobile phones. However, ZuoRAT, a highly sophisticated malware, is known for attacking this device, which is now commonly seen in almost all offices and homes. The malware could steal data from the connected devices, putting users at risk of losing personal and financial information.
American telecommunications company Lumen Technologies was the first to discover and report the ZuoRAT malware. The firm said that the malware is affecting popular routers from Asus, Cisco, DrayTek, and Netgear.
“During our investigation of the ZuoRAT activity, we observed telemetry indicating infections stemming from numerous SOHO router manufacturers, including ASUS, Cisco, DrayTek and NETGEAR,” the company said in a blog.
“The device types consisted of, but were not limited to: Cisco RV 320, 325 and 420; Asus RT-AC68U, RT-AC530, RT-AC68P and RT-AC1900U; DrayTek Vigor 3900 and unspecified NETGEAR devices,” it added.
How to stay safe from ZuoRAT malware?
Using the ZuoRAT malware, hackers can get access to your Windows, macOS, and Linux devices by getting into your router first. However, you can stay safe by following a few simple steps.
Lumen said in the blog that users should follow best practices of regularly rebooting routers and installing security updates and patches. They should leverage properly configured and updated EDR solutions on hosts and regularly update software consistent with vendor patches where applicable, it added.
For network defenders, Lumen said to use the IoCs outlined in its report to monitor for the Windows loader and its modules, as well as connections to any suspicious infrastructure.
“We recommend that businesses consider comprehensive Secure Access Service Edge (SASE) or similar solutions to bolster their security posture and enable robust detection on network-based communications,” it added.