Cyberattack took out more than 600,000 routers in a recently discovered 2023 hack

A hacking group that has yet to be identified executed a large cyberattack on a telecommunications company in the U.S. late last year. Consequently, the attack disabled hundreds of thousands of internet routers, according to Reuters.

The report mentioned that analysts with Lumen Technologies' Black Lotus Labs initially discovered the attack and shared their findings. When the incident occurred in October, it was not immediately shared with the public. Independent experts were able to confirm that the cyberattack had affected more than 600,000 internet routers.

'We assess with high confidence that the malicious firmware update was a deliberate act intended to cause an outage.'

In Lumen Technologies' blog post entitled "The Pumpkin Eclipse," they said the attack took place over three days. The infected devices were rendered "permanently inoperable, and required a hardware-based replacement." The post went on to say that "[p]ublic scan data confirmed the sudden and precipitous removal of 49% of all modems from the impacted ISP’s autonomous system number (ASN) during this time period."

However, the report did not mention the company that was attacked. And Lumen Technologies did not attribute the attack to a certain hacker group or country of origin. Researchers claimed that the hackers used common methods to carry out the attack, which makes those behind it more challenging to identify.

“We assess with high confidence that the malicious firmware update was a deliberate act intended to cause an outage,” Lumen Technologies reported. “Destructive attacks of this nature are highly concerning, especially so in this case."

Reuters reported that the evidence produced in the Lumen Technologies report suggested that the victim was Arkansas-based internet service provider Windstream. However, the company has not confirmed this to be the case, and the FBI has also declined to comment on the situation.

Researchers have insisted that there are potentially serious consequences that could manifest from the attack.

"A sizeable portion of this ISP’s service area covers rural or underserved communities; places where residents may have lost access to emergency services, farming concerns may have lost critical information from remote monitoring of crops during the harvest, and health care providers cut off from telehealth or patients’ records,” the researchers said.

The report mentioned that it was not clear if the FBI was notified of the hack when it occurred. Private companies are known to keep that information private.

Like Blaze News? Bypass the censors, sign up for our newsletters, and get stories like this direct to your inbox. Sign up here!