Mystery #malware destroys 600,000 #routers from a #Windstream's Kinetic #ISP during 72-hour span
Incident, "#PumpkinEclipse," believed to be result of deliberate attack using commodity malware, #Chalubo to overwrite #router #firmware. Windstream, which has about 1.6 million subscribers in 18 states, has not provided an explanation for outage. Company sent replacement routers to affected customers, many of whom reported significant financial losses due to the disruption.
https://arstechnica.com/security/2024/05/mystery-malware-destroys-600000-routers-from-a-single-isp-during-72-hour-span/

Kit from #ActionTec and #Sagemcom remotely ruined and required replacement.

Almost half of #Windstream’s #Kinetic broadband users found their home routers completely dead, thanks to a malicious botnet known as #Chalubo. This happened seven months ago, but has only now come to light—via researchers who dubbed it #PumpkinEclipse.

It has echoes of Ukrainian #ISP modems mysteriously self destructing, just before the 2022 Russian invasion. In #SBBlogwatch, we wonder if this was a test of something bigger. At @TechstrongGroup’s @SecurityBlvd: https://securityboulevard.com/2024/05/pumpkin-eclipse-windstream-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc