Mystery miscreant remotely bricked 600,000 SOHO routers with malicious firmware update

From theregister.com

Unknown miscreants broke into more than 600,000 routers belonging to a single ISP late last year and deployed malware on the devices before totally disabling them, according to security researchers.

The cyber attack, which wasn’t reported at the time, took place over a 72-hour period between October 25 and 27, 2023. It “rendered the infected devices permanently inoperable, and required a hardware-based replacement,” according to US telco Lumen Technologies’ Black Lotus Labs, which published details about the destructive event on Thursday and named it “Pumpkin Eclipse.”

Read more…