These DrayTek routers are under actual attack â and there’s no patch
Knowledia
The operators behind the Hiatus malware campaign are hijacking DrayTek Vigor router models 2960 and 3900 powered by MIPS, i386 and Arm-based processors to in turn attack businesses in North and Latin America as well as in Europe, according to researchers with Lumen’s Black Lotus Labs threat intelligence unit. The two DrayTek router models reached end-of-life, in support terms, in December 2021. They are still broadly used, with more than 4,000 vulnerable boxes exposed to the internet, according to scans. The Hiatus crooks have infected at least 100 of them so far, Black Lotus researchers Danny Adamitis and Steve Rudd wrote in a report.
Link: https://news.knowledia.com/us/en/articles/these-draytek-routers-are-under-actual-attack-and-there-s-no-patch-f6fa66daa05c1d0c11d1f4e96b29bc0885cfaf24