06-05-2024, 01:19 PM
This post was last modified 06-05-2024, 01:23 PM by Maxmars.
Edit Reason: added content
A newer criminal conspiracy mystery was inevitable.
Back in October, "some mysterious operator(s)" managed to reduce 600,000 routers being used by subscribers of the ISP known as Windstream to useless "bricks."
One day last October, subscribers to an ISP known as Windstream began flooding message boards with reports their routers had suddenly stopped working and remained unresponsive to reboots and all other attempts to revive them.
“The routers now just sit there with a steady red light on the front,” one user wrote, referring to the ActionTec T3200 router models Windstream provided to both them and a next door neighbor. “They won't even respond to a RESET.”
The author cites Black Lotus (formerly CenturyLink) a cyber security company, who has coined this event as "Pumpkin Eclipse." I suppose every such cyber attack needs a military- style mission name.
Reportedly users had made allegations...
... They said it was the result of the company pushing updates that poisoned the devices. Windstream’s Kinetic broadband service has about 1.6 million subscribers in 18 states, including Iowa, Alabama, Arkansas, Georgia, and Kentucky...
Now the kicker here is that not only do they have no idea WHY these routers were specifically targeted, they have NO CLUE as to who did it. As it unfolds the 'event' marks a terrible vulnerability to all of us lowly users who rely on the people we pay for services to use and maintain a system that is not going to be compromised... The ISP is not commenting, and the event will not be featured in the 11 o'clock news. But 600,000 'new' routers will be shipped...
Word of advice from the uneducated... make your ISP replace your router every if you discover it has been listed as vulnerable. Keep the firmware updated, and brace yourself because eventually someone will try to exploit its' weaknesses.
Oops! Edit to add forgotten source link from ArsTechnica: Mystery malware destroys 600,000 routers from a single ISP during 72-hour span
Back in October, "some mysterious operator(s)" managed to reduce 600,000 routers being used by subscribers of the ISP known as Windstream to useless "bricks."
One day last October, subscribers to an ISP known as Windstream began flooding message boards with reports their routers had suddenly stopped working and remained unresponsive to reboots and all other attempts to revive them.
“The routers now just sit there with a steady red light on the front,” one user wrote, referring to the ActionTec T3200 router models Windstream provided to both them and a next door neighbor. “They won't even respond to a RESET.”
The author cites Black Lotus (formerly CenturyLink) a cyber security company, who has coined this event as "Pumpkin Eclipse." I suppose every such cyber attack needs a military- style mission name.
Reportedly users had made allegations...
... They said it was the result of the company pushing updates that poisoned the devices. Windstream’s Kinetic broadband service has about 1.6 million subscribers in 18 states, including Iowa, Alabama, Arkansas, Georgia, and Kentucky...
Now the kicker here is that not only do they have no idea WHY these routers were specifically targeted, they have NO CLUE as to who did it. As it unfolds the 'event' marks a terrible vulnerability to all of us lowly users who rely on the people we pay for services to use and maintain a system that is not going to be compromised... The ISP is not commenting, and the event will not be featured in the 11 o'clock news. But 600,000 'new' routers will be shipped...
Word of advice from the uneducated... make your ISP replace your router every if you discover it has been listed as vulnerable. Keep the firmware updated, and brace yourself because eventually someone will try to exploit its' weaknesses.
Oops! Edit to add forgotten source link from ArsTechnica: Mystery malware destroys 600,000 routers from a single ISP during 72-hour span
