FireEye Inc (NASDAQ:FEYE) has announced that malware was detected in routers from Cisco Systems, Inc. (NASDAQ:CSCO) in at least 14 cases.
The security company announced that its Mandiant forensics unit discovered the router malware, called SYNful Knock, in Cisco routers located in several countries, including India, the Philippines, Mexico, and Ukraine. FireEye reported that the malware was detected in three router models, identified by their codes as 2811, 8825 and 1841.
The specific routers that were compromised are no longer on the market, but FireEye says there is a chance the malware has breached other models with similar functionality. According to the security company, SYNful Knock is an elaborate piece of malware that hackers use to break discreetly into complex systems. Once hackers install the software, they can easily upgrade it, and it allows them to gain access to files in an organization’s system. The malware is also very hard to detect and remove, making it one of the most dangerous pieces of malware.
According to FireEye’s report, if the malware is found in a company’s router, there is a high chance that the backdoor has already been activated and that files have already been compromised. The security agency also pointed out that the malicious software might already have been modified to spread on its own. If that is the case, then there is a chance that the software has not been used to hack into the firms where the compromised routers were installed.
The report does not indicate whether there are countermeasures to prevent attacks from such malware. There is also no information on the actual firms that were using the compromised routers, and no mention of fixes in case a firm detects that the backdoor in the software has already been used. SYNful Knock is one example of the dangerous tools hackers can use to cause havoc at a firm undetected. FireEye Inc (NASDAQ:FEYE) CEO Dave DeWalt described it as the ultimate cyber crime or spyware tool.