ASUS WebStorage abused to spy on users at the router level

Discussion in 'other security issues & news' started by hawki, May 14, 2019.

  1. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    4,192
    Location:
    DC Metro Area
    "Vulnerable software is potentially facilitating surveillance and data theft.

    The ASUS WebStorage system is being actively abused to perform Man-in-The-Middle (MiTM) attacks, researchers say.

    ESET researcher Anton Cherepanov published a report detailing attack vectors related to WebStorage, ASUS's cloud storage service, on Tuesday.

    According to the team, the Plead malware may be being distributed through MiTM attacks taking place against ASUS software.
    Plead is a malware variant which specializes in data theft through a combination of the Plead backdoor and Drigo exfiltration tool

    The malware has been connected to BlackTech, a cyberespionage group which is believed to be operating in Asia and has been linked to attacks against targets in Taiwan, Japan, and Hong Kong...."

    https://www.zdnet.com/article/asus-webstorage-abused-to-spy-on-users-at-the-router-level/
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.