Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Incidents

Cyberattack Bricks 600,000 US SOHO Routers

May 30, 2024
Reading Time: 3 mins read
in Incidents
Cyberattack Bricks 600,000 US SOHO Routers

A mysterious cyber attack has resulted in the bricking of over 600,000 small office/home office (SOHO) routers in the United States, causing significant disruption to internet access. Codenamed Pumpkin Eclipse, the attack occurred between October 25 and 27, 2023, targeting three router models issued by an undisclosed internet service provider (ISP). The affected routers, including ActionTec T3200, ActionTec T3260, and Sagemcom, were rendered permanently inoperable, requiring hardware-based replacement.

The scale and impact of the attack are unprecedented, with the affected ISP experiencing the removal of 49% of all modems from its autonomous system number (ASN) during the attack period. While the identity of the ISP remains undisclosed, evidence suggests it could be Windstream, which suffered a similar outage around the same time. Analysis conducted months later by Lumen’s Black Lotus Labs team revealed the use of the Chalubo remote access trojan (RAT) as the weapon of choice by the attackers.

Chalubo, a commodity RAT documented by Sophos in October 2018, is known for its stealthy capabilities and DDoS attack functionality. The attackers likely chose Chalubo to obfuscate attribution efforts, opting for a commodity malware instead of a custom toolkit. The exact method of initial access to the routers remains unclear, but weak credentials or exploited administrative interfaces are suspected. The targeting of a single ASN in the attack raises questions about the motive behind the incident, as previous attacks have typically focused on specific router models or vulnerabilities.

Reference:
  • Cyberattack Bricks 600,000 US Home Office Routers
Tags: cyber incidentsCyber Incidents 2024Cyber threatsMay 2024Pumpkin EclipseRoutersSOHO RoutersUnited States
ADVERTISEMENT

Related Posts

Interlock Ransomware Threat Alert

Hackers Use Ransomware on SharePoint Servers

July 24, 2025
Interlock Ransomware Threat Alert

Data Breach Affects 340K Jobseekers

July 24, 2025
Interlock Ransomware Threat Alert

Beluga Vodka Ransomware Attack Reported

July 24, 2025
UK Advances Plan to Report Ransomware Attack

Weak Password Triggers Ransomware Old Firm

July 23, 2025
UK Advances Plan to Report Ransomware Attack

US Nuclear Agency Breached in MS Hack

July 23, 2025
UK Advances Plan to Report Ransomware Attack

European Healthcare Network Breached

July 23, 2025

Latest Alerts

Interlock Ransomware Threat Alert

GitLab Patches Key Vulnerabilities

Backdoor Found in WP Plugins

Lumma Stealer Returns with New Tactics

npm Phishing Emails Target Developer Logins

MuddyWater Emerges Amid Iran-Israel Clash

Subscribe to our newsletter

    Latest Incidents

    Data Breach Affects 340K Jobseekers

    Hackers Use Ransomware on SharePoint Servers

    Beluga Vodka Ransomware Attack Reported

    Weak Password Triggers Ransomware Old Firm

    US Nuclear Agency Breached in MS Hack

    European Healthcare Network Breached

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial