A Chinese cyberespionage group with a history of exploiting proprietary network-edge devices and developing custom malware for them has also been targeting enterprise and ISP-grade Juniper MX Series routers, according to a report by Google’s Mandiant team.
The attackers were able to bypass the file integrity protections of Junos OS, the FreeBSD-based operating system used on Juniper Networks’ routers, to deploy custom backdoors. This activity, attributed to an advanced persistent threat (APT) group that Mandiant team tracks as UNC3886, dates back to at least the middle of 2024 and seems to have affected Juniper MX routers that were running end-of-life hardware and software versions.
Continue reading on CSOonline.com
Source:: Network World