Hackers last Friday disrupted internet access in Russia and Iran with an attack that left a digital message: an image of the US flag accompanied by the words, “Don’t mess with our elections.”
The messages were written on Cisco network switches, which came under assault from a mysterious hacking group calling itself “JHT.”
In an email, the group told Motherboard: “We were tired of attacks from government-backed hackers on the United States and other countries.”
“We simply wanted to send a message,” the group added.
To attack the network switches, the hackers exploited a publicly known bug in Cisco’s software that can let you execute code and trigger an outage. Cisco has released a patch, but not everyone has had a chance to install it.
The security firm Kaspersky Lab noticed the disruption and said it mainly hit “the Russian-speaking segment” of the internet by attacking data centers installed with the network switches. As a result, some websites briefly went down.
The hackers most likely programmed a bot to search for the Cisco switches by scanning the open internet, according to Kaspersky Lab.
In russia as well. Photo from Russian telecom operators telegram channel. pic.twitter.com/7SaMLiDEeN
— Denys Fedoryshchenko (@nuclearleb) April 7, 2018
So far, the mysterious hacking group JHT has remained largely mum on last Friday’s attack. Messages to the the group’s email address at firstname.lastname@example.org were not immediately returned. But JHT hasn’t been the only party to attack the network switches.
Last Thursday, Cisco published a blog post, mentioning that its devices were coming under the attack by nation-state actors, including those from Russia. The incidents have occurred in “multiple countries” and targeted critical infrastructure, Cisco said.
thanks you RSS link