ISP Meltdown: Hackers Plant Malware, Harvest Credentials
Hackers, likely backed by the Chinese government, have exploited a zero-day vulnerability in Versa Director, infecting at least four U.S. ISPs with malware designed to steal customer credentials. This vulnerability, known as CVE-2024-39717, was exploited through home office routers, allowing hackers to gain administrative control over ISP systems.
Dan Goodin writes for Ars Technica:
Malicious hackers likely working on behalf of the Chinese government have been exploiting a high-severity zero-day vulnerability that allowed them to infect at least four US-based ISPs with malware that steals credentials used by downstream customers, researchers said Tuesday.
The attack went undetected by antivirus software, with researchers urging network defenders to review their systems for potential signs of compromise.