{"id":1683,"date":"2025-01-29T03:00:19","date_gmt":"2025-01-29T03:00:19","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=1683"},"modified":"2025-01-29T03:00:19","modified_gmt":"2025-01-29T03:00:19","slug":"unknown-threat-actor-targeting-juniper-routers-with-backdoor-report","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=1683","title":{"rendered":"Unknown threat actor targeting Juniper routers with backdoor: Report"},"content":{"rendered":"<div>\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<div class=\"container\"><\/div>\n<p>Network administrators using routers from Juniper Networks are being urged to scan for possible compromise after the discovery that an unknown threat actor has been installing a backdoor in customer routers since at least 2023.<\/p>\n<p>The bad news: According to researchers at Lumen Technology\u2019s Black Lotus Labs, the unknown attacker can install a reverse shell on the local file system so they can control the router, steal data, or deploy more malware.<\/p>\n<p>Even more bad news: <a href=\"https:\/\/www.sans.org\/newsletters\/newsbites\/xxvii-6\/\">In a commentary, <\/a>SANS Institute instructor Moses Frost noted that \u201cJuniper is installed in many internet service providers\u2019 backbones, and so having a backdoor on these systems can be a major problem.\u201d<\/p>\n\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Network administrators using routers from Juniper Networks are being urged to scan for possible compromise after the discovery that an unknown threat actor has been installing a backdoor in customer routers since at least 2023. The bad news: According to researchers at Lumen Technology\u2019s Black Lotus Labs, the unknown attacker can install a reverse shell [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":1684,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-1683","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/1683"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1683"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/1683\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/1684"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1683"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1683"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1683"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}