Chinese Cyber Espionage Group UNC3886 Backdoored Juniper Routers
hackread.com: UNC3886 hackers target Juniper routers with custom backdoor malware, exploiting outdated systems for stealthy access and espionage. Learn how to stay protected.
Cybersecurity researchers at Google’s Mandiant have exposed a series of attacks that took place in mid-2024 and targeted Juniper routers running Junos OS. These attacks, linked to a Chinese hacking group known as UNC3886, involved planting custom-built malware designed to secretly control the devices while evading detection.
What Happened?
Mandiant’s investigation revealed that UNC3886 deployed backdoors disguised as legitimate system processes on Juniper MX routers running outdated hardware and software. These routers, using end-of-life (EOL) configurations, were easier targets due to vulnerabilities in their security systems. The malware leveraged Junos OS’s Veriexec, a file integrity monitor, to avoid detection. Instead of disabling Veriexec, the attackers injected malicious code into legitimate processes.
According to the company’s blog post shared with Hackread.com ahead ...