New HiatusRAT Emerges to Infect Business-Grade Routers

08 March 2023
Experts at Lumen Black Lotus Labs stumbled across a campaign, dubbed Hiatus, that drops a pair of payloads to infect business routers: HiatusRAT and a variant of tcpdump, which enables packet capture on the target device. With HiatusRAT, criminals can turn a compromised machine into a covert proxy system. Researchers identified at least 100 infected systems, with most of the infections in Europe and Latin America.