600,000 American families left without internet after mass destruction of WiFi routers

Unprecedented Cyberattack Turns 600,000 WiFi Routers into E-Waste in the US

An unprecedented wiperware campaign wreaked havoc in the US last year, leaving 600,000 WiFi routers useless and turning them into e-waste. The cyberattack, which targeted a specific service provider’s customers, primarily in rural areas, unfolded over a 72-hour period in late October.

Researchers are still unraveling the full extent of the attack, which saw routers suddenly malfunctioning and displaying a static red light on their LED indicators. Complaints flooded online forums, with affected customers being informed that their routers needed to be replaced entirely.

The attack was attributed to a remote access trojan known as “Chalubo,” which infected thousands of small office/home office (SOHO) routers, rendering them permanently inoperable. Lumen Technologies’ Black Lotus Labs described the event as unprecedented due to the sheer number of devices affected.

The impact of the cyberattack was far-reaching, with families in rural communities left without access to emergency services, farmers losing critical data on crop monitoring, and healthcare providers being cut off from telehealth services and patient records.

Despite efforts to contain the malware, it remained active in the following months, raising concerns about future attacks. Researchers highlighted the sophisticated nature of the attack, which involved the deliberate corruption of firmware on specific router models.

Cybersecurity experts, including Roger Grimes from KnowBe4, expressed astonishment at the scale and motivation behind the attack. Grimes speculated on possible reasons for the attack, emphasizing the importance of aggressive auto-patching of hardware and secure password practices.

As investigations continue, consumers are advised to regularly reboot their routers and ensure they do not use common default passwords. Additionally, securing management interfaces and preventing remote access to routers via the internet are crucial steps to mitigate the risk of similar attacks in the future.
