A sophisticated campaign dubbed ‘J-Magic’ has been discovered targeting enterprise-grade Juniper routers. Attackers use ‘magic packets’ to trigger a custom cd00r variant, which lets them establish a reverse shell and gain full access. The malware passively monitors network traffic for these ‘magic packets’, which are specially crafted TCP packets. The resulting access allows for data exfiltration, device takeover, and further malware deployment. The J-Magic malware was found to be active from 2023 until at least mid-2024, and it targeted the semiconductor, energy, manufacturing and IT sectors.
Juniper Networks has issued a warning that the Mirai botnet is exploiting Session Smart Routers (SSR) that still use unchanged default passwords. The botnet is actively targeting these devices, which could lead to significant security breaches. It is crucial for Juniper SSR users to change the default password immediately to prevent infection and secure their systems against this threat. The warning highlights the critical importance of strong password hygiene.