New Delhi: Malware named ZooRat is being used by hackers to gain access to devices connected to Wi-Fi routers. For those unaware, a Wi-Fi router is a simple device used to provide wireless Internet connectivity to devices such as laptops and mobile phones. However, ZuoRAT, a highly sophisticated malware, known to attack devices is now commonly seen in almost all offices and homes. Malware can steal data from connected devices, putting users at risk of losing personal and financial information.
American telecommunications company Lumen Technologies first discovered and reported the ZuoRAT malware. The firm said the malware is affecting popular routers from Asus, Cisco, DrayTek and Netgear. (Also read: Rakesh Jhunjhunwala’s net worth decreased by more than Rs 1000 crore in these two stocks)
“During our investigation of ZooRat activity, we observed telemetry indicating infections from multiple SOHO router manufacturers, including ASUS, Cisco, Drateek and NETGEAR,” the company said in a blog. (Also Read: PPF, Sukanya Samriddhi Yojana, Others: Check Returns Given By Them)
“Device types included, but were not limited to: Cisco RV 320, 325 and 420; Asus RT-AC68U, RT-AC530, RT-AC68P and RT-AC1900U; DrayTek Vigor 3900 and unspecified NETGEAR devices,” it added. .
How to Stay Safe from ZuoRAT Malware?
Using ZuoRAT malware, hackers can gain access to your Windows, macOS and Linux devices by first entering your router. However, you can stay safe by following a few simple steps.
Lumen said in the blog that users should follow best practices of regularly rebooting routers and installing security updates and patches. They should leverage the properly configured and updated EDR solutions on the hosts and regularly update the software in line with vendor patches where applicable.
For network defenders, Lumen said to use the IoC mentioned in this report to monitor connections to the Windows loader and its modules, as well as any suspicious infrastructure.
“We recommend that businesses consider comprehensive Secure Access Service Edge (SASE) or similar solutions to strengthen their security position and enable robust identification over network-based communications.”