It appears that Robert Jacobs said:
>If you do a bit more digging the ISP is not Lumen ... It is a well known ISP
It's Windstream.
and I recall reading about this
>outage when it happened. I don’t know if indeed this was a botched attempt to
>gather a bot network or like
>some
-Original Message-
From: NANOG On Behalf Of
Christopher Morrow
Sent: Monday, June 3, 2024 1:04 PM
To: Matt Erculiani
Cc: NANOG
Subject: Re: 600,000 routers bricked
On Mon, Jun 3, 2024 at 1:40 PM Matt Erculiani wrote:
>
> It's important to note though that if you quietly (or even publicly) patch
> 600k devices to fix a bug, nobody cares. Plus, doing so is still a crime:
> it's 600k instances of accessing a computer system without permission. It's
> also fa
It's important to note though that if you quietly (or even publicly) patch
600k devices to fix a bug, nobody cares. Plus, doing so is still a crime:
it's 600k instances of accessing a computer system without permission. It's
also far, FAR easier to write a stream of 0s to the bootloader than it is
I'm sorry, but if you have the wherewithal to commandeer 600,000 devices
well enough to permanently brick them, you have the wherewithal to
commandeer them and load a patched version of software on them closing up
the vulnerability.
If there's no fixed version of software available for the platfor
answers all of your
> concerns. Further, they remark that this was an especially sophisticated
> infection, that hid its tracks well.
>
>
>
> Lee
>
>
>
> *From:* NANOG *On
> Behalf Of *Tom Beecher
> *Sent:* Sunday, June 2, 2024 4:23 PM
> *To:* Dave Taht
> *Cc
On Behalf
Of Tom Beecher
Sent: Sunday, June 2, 2024 4:23 PM
To: Dave Taht
Cc: NANOG
Subject: Re: 600,000 routers bricked
That post from Mr. Perens about this is honestly really shitty.
1. Is he
let's hope that this action didn't harm anyone - particularly a
vulnerable person who might have an emergency system using IP to send
alerts
On Mon, 3 Jun 2024 at 01:22, Josh Luthman wrote:
>
> >And then when it became clear that the issue wasn't being addressed, they
> >forcibly turned off thos
That post from Mr. Perens about this is honestly really shitty.
1. Is he right that Lumen has to shoulder blame for not keeping CPE updated
with exploit free software? Certainly.
2. Making a claim that all 600k of these routers were being used as botnet
zombies without any supporting evidence is r
After reading the actual report, I think Bruce is making assumptions about
the attackers' motivations that may or may not be the case.
https://blog.lumen.com/the-pumpkin-eclipse/
Still, 600k routers gone in 72 hours is quite a lot. If they were also
being actively used in a botnet, good riddance
>And then when it became clear that the issue wasn't being addressed, they
forcibly turned off those 600,000 routers. I am finding it difficult not to
applaud that action.
The concern is that someone would shut off the routers or compromise them,
so they compromised and shut them off?
On Sun, Jun
https://www.linkedin.com/pulse/60-families-using-one-internet-provider-have-routers-bruce-perens-geedc/
--
https://www.youtube.com/watch?v=BVFWSyMp3xg&t=1098s Waves Podcast
Dave Täht CSO, LibreQos