Cuttlefish Malware Stealing Data And Credentials By Infecting Routers

The new malware 'Cuttlefish' infects enterprise and SOHO routers, stealing data and authentication info. Black Lotus Labs found it creates proxy/VPN tunnels for discreet data theft, bypassing security. It can hijack DNS/HTTP, disrupting internal communication. Though similar to HiatusRat, no concrete links found, attribution is challenging. Active since July 2023, mainly in Turkey, impacting satellite phone and data center services. Read more...