Hackers hijack 300, 000-plus wireless routers, make malicious changes | Ars Technica
vovan at fakmoymozg.ru
Tue Mar 4 11:46:20 UTC 2014
On Tue, 04 Mar 2014 09:00:18 +0100, Jay Ashworth <jra at baylink.com> wrote:
> Is there any valid reason not to black hole those /32s on the back bone?
>> The telltale sign a router has been compromised is DNS settings that
>> have been changed to 18.104.22.168 and 22.214.171.124. Team Cymru researchers
>> contacted the provider that hosts those two IP addresses but have yet
>> to receive a response.
you wanted to say "blackhole those 126.96.36.199/22 and 188.8.131.52/22", aren't
More information about the NANOG