Latest news with #Faceless

Epoch Times

FBI Warns of Attacks on Old Internet Routers, Explains How to Prevent Them

The FBI on Wednesday warned that American internet users and smaller businesses should be wary of entities taking advantage of older internet routers that could be 'susceptible to vulnerabilities,' namely from a malware known as 'TheMoon.' 'When a hardware device is end-of-life, the manufacturer no longer sells the product and is not actively supporting the hardware, which also means they are no longer releasing software updates or security patches for the device,' the agency 'Routers dating from 2010 or earlier likely no longer receive software updates issued by the manufacturer and could be compromised by cyber actors exploiting known vulnerabilities.' The bureau noted that some older routers were breached by hackers using TheMoon malware and that recently some end-of-life routers 'were identified as compromised by a new variant of TheMoon malware,' allowing the 'cyber actors to install proxies on unsuspecting victim routers and conduct cyber crimes anonymously.' Private cybersecurity organizations have been detailing the threat posed by TheMoon for years, which 'After compromising these devices, the malware utilizes them to route traffic through a proxy service known as Faceless,' added Broadcom, which owns subsidiaries that produce the Norton, Avast, AVG, and Avira anti-virus programs. 'It actively seeks out specific shell environments to execute its primary malicious payload and establishes connections with the threat actors' command and control server to receive further instructions.' Related Stories 5/7/2025 5/7/2025 The FBI recommended that older routers be replaced with an updated model, and users apply a security patch if available for the device, as well as disable remote management or remote administration on the router, and use strong passwords of more than 16 characters. 'Commonly identified signs of malware infections on routers include overheating devices, problems with connectivity, and changes to settings the administrator does not recognize,' the FBI said. Telecommunications company Lumen Technologies 'Lumen has stopped all traffic to and from the infrastructures associated with TheMoon and Faceless across its global network,' the company said in a statement last year. 'Small office routers continue to be a key target for cybercriminals. In less than two years, Black Lotus Labs has discovered six large malware campaigns using compromised [small office/home office] routers.' FBI Director Kash Patel testified this week before Congress and said the FBI seeks about $11.1 billion to fund its law enforcement activities, $1 billion more than the White House proposed. 'We have not looked at who to cut,' Patel said, referring to possible staff terminations. 'We are focusing our energies on how not to have them cut.' Reuters contributed to this report.