A group of hackers on Friday have targeted computer infrastructure in Russia and Iran by attacking with a malicious script that says “Don’t Mess With Our Elections” along with an image of an American flag.
“We were tired of attacks from government-backed hackers on the United States and other countries,” someone in control of an email address left in the note told Motherboard Saturday.
Kaspersky has published a blog post stating the attack was possible because of a vulnerability in the software called Cisco Smart Install Client. Using the data from the search engine Shodan a total of 160,000 computers were exposed to the vulnerability in the network to the public.
The hackers have said
“We simply wanted to send a message”
The attack itself looks like to be unsophisticated. A security researcher has released a tool called AutoSpoit which scans all the vulnerable machines on the network and using this tool that hackers were able to perform the attack easily.
The Communication and Information Technology Ministry of Iran said
“The attack apparently affected 200,000 router switches across the world in a widespread attack, including 3,500 switches in our country.”
The hackers did scan many nations for vulnerable systems including the UK, US and Canada but only attacked Russia and Iran. Cisco has issued an update to fix all its devices to prevent further attacks. The company suggested the system administrators run an update to fix the issue.
“As a result of our efforts, there are almost no vulnerable devices left in many major countries,” the Hackers claimed in an email.
When the update was completed the number of exposed devices have decreased from 168,000 to 166,000. According to a search result earlier today, a lot of devices with this vulnerability are still exposed.
While some statistics by Azari-Jahromi state that the attack mainly affected Europe, India and the United States. “Some 55,000 devices were affected in the United States and 14,000 in China, and Iran’s share of affected devices was 2%”.
Take your time to comment on this article.
Latest posts by Harikrishna Mekala (see all)
- A New variant of Brrr Dharma Ransomware has been released - September 18, 2018
- MageCart Cyber Gang Compromised Feedify Cloud Service Architecture - September 17, 2018
- Windows and Linux Are Being Targeted by Malicious Kodi Add-ons - September 17, 2018