<ul><li>A mass exploitation campaign originating from Eastern Europe has targeted ISPs in China and the U.S. West Coast.</li><li>The threat actors gain access through weak credential brute-force and deploy info stealers and crypto miners.</li><li>The malware disables remote access and uses PowerShell to drop binaries and disable security features.</li><li>The campaign focuses on ISPs in China and the U.S. West Coast, and the malware sends data to its C2 server via a Telegram bot.</li></ul>

Mass exploitation campaign hit 4,000+ ISP networks to deploy info stealers and crypto miners

Discover more