Quad7 botnet expands, adding SOHO and VPN routers, media servers

0
7

The operators of the Quad7 botnet have been busy, adding new features and expanding their attack surface, according to multiple security researchers who have been keeping tabs on the malware’s recent evolution.

Quad7 was first spotted by a researcher alias Gi7w0rm, and experts from Sekoia, when it was only observed targeting TP-Link routers. However, during the following weeks, Quad7 (which was named so for targeting port 7777), expanded to ASUS routers, and now has been observed on Zyxel VPN endpoints, Ruckus wireless routers, and Axentra media servers.

LEAVE A REPLY

Please enter your comment!
Please enter your name here