AI-powered
podcast player
Listen to all your favourite podcasts with AI-powered features
CyberWire Daily
No rest for the wicked HiatusRAT. [Research Saturday]
Oct 28, 2023
Danny Adamitis, Lumen's Black Lotus Labs researcher, discusses the HiatusRAT malware targeting business-grade routers. The research reveals a shift in targeting towards a US military procurement system and Taiwan-based organizations, aligning with the strategic interest of the People's Republic of China. The podcast also highlights the importance of replacing legacy SIMs, securing data through Microsoft's mission innovation, upgrading end-of-life routers, and monitoring and updating old hardware devices in cybersecurity.
23:01
Episode guests
AI Summary
AI Chapters
Episode notes
Podcast summary created with Snipd AI
Quick takeaways
- The Hiatus Rat malware campaign targeted older routers and focused on networks of interest for strategic intelligence, aligning with China's interests.
- To defend against router-based intrusions, organizations should use secure protocols for email traffic and regularly monitor and update their routers while implementing analytics and logging for detecting abnormal data transfers.
Deep dives
Router-based intrusions pose a significant threat
Researchers have been investigating router-based intrusions as a lesser-known security threat that can bypass firewalls and EDR solutions. Routers can serve as critical choke points, providing access to network traffic and potentially compromising organizations' security. This research focuses on the Hiatus Rat malware campaign, which targeted a range of networks, including IT service providers, MSSPs, and municipal level government organizations, aligning with the strategic interests of China. The campaign primarily targeted older DreTech Weiger routers, which were end of life but still active on the internet. The malware employed two primary binaries, including a variant of TCP dump to capture packets and a custom Trojan called HIDIS RAT for remote access and control.
Get the Snipd
podcast app
Unlock the knowledge in podcasts with the podcast player of the future.
AI-powered
Discover
highlights
Listen to the best highlights from the podcasts you love and dive into the full episode
Save any
moment
Hear something you like? Tap your headphones to save it with AI-generated key takeaways
Share
& Export
Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more
AI-powered
podcast player
Listen to all your favourite podcasts with AI-powered features
Discover
highlights
Listen to the best highlights from the podcasts you love and dive into the full episode