Visit us at GITEX 2023 to witness the power of Hive Pro TEM Platform: Schedule a Meeting

Hiatus Hacking Campaign Targets DrayTek Vigor Routers to Steal Data

Threat Advisories

Hiatus Hacking Campaign Targets DrayTek Vigor Routers to Steal Data

Threat Level
Attack Report

Follow Hive Pro for a detailed threat advisory, download the pdf file here from HiveForce Labs.

Summary

A malware campaign called “Hiatus” that targets business-grade routers, specifically DrayTek Vigor models 2960 and 3900 running an i386 architecture. The campaign started in July 2022 and is ongoing, the campaign deploys two malicious binaries: HiatusRAT, a Remote Access Trojan, and a variant of tcpdump that enables packet capture.

Sign up to receive our Weekly Threat Digest