Tomcat
Professional
- Messages
- 2,695
- Reaction score
- 1,072
- Points
- 113
Dean Haynes experts (Dina Haines) and Corey Kujawski (Cory Kujawski) of the company's White Ops discovered discovered thousands of compromised routers Asus (estimated to be 50 thousand -. 120 thousand.). Access to some Asus devices is offered for just a few dollars. The data is posted on the avatools [.] ru website, which launched in August last year and currently has about 100 active users, Forbes reported.
The criminal also supplements its proposals with separate databases, one of which contained personal information of about 500 thousand Americans, and the other contained credit card information.
There are several reasons for scammers to use such compromised routers. First, they mask the attacker's original IP address. Second, fraud detection systems block a transaction if it occurs outside the region where the card is normally used. Thus, having gained access to a router located in the same region where the victim's transactions mainly take place, the probability of blocking an illegal financial transaction will be extremely small.
The attacker is allegedly acting as a middleman to help fraudsters, the researchers said, as he verified IP addresses using several publicly available fraud detection tools. Each IP was then assigned a score from 0 to 100 - the higher the number, the more likely it is to have been exploited in the past.
The prices for jailbroken devices range from $ 3 to $ 15, and the attacker receives the money on the Qiwi wallet.
According to the researchers, the creator of Ava-Tools discovered vulnerable Asus routers as a result of mass scanning for devices containing the old (and already fixed) vulnerability CVE-2018-18287.
According to experts, the criminal also managed to gain access to devices from 30 other suppliers. Experts have gained access to some of the criminal's information and assume that he is a resident of Moldova working in cooperation with a security specialist.
