Mystery malware destroys 600,000 routers from a single ISP during 72-hour span
An unknown threat actor with equally unknown motives forces ISP to replace routers.
Enlarge (credit: Getty Images)
One day last October, subscribers to an ISP known as Windstream began flooding message boards with reports their routers had suddenly stopped working and remained unresponsive to reboots and all other attempts to revive them.
“The routers now just sit there with a steady red light on the front,” one user wrote, referring to the ActionTec T3200 router models Windstream provided to both them and a next door neighbor. “They won't even respond to a RESET.”
In the messages—which appeared over a few days beginning on October 25—many Windstream users blamed the ISP for the mass bricking. They said it was the result of the company pushing updates that poisoned the devices. Windstream’s Kinetic broadband service has about 1.6 million subscribers in 18 states, including Iowa, Alabama, Arkansas, Georgia, and Kentucky. For many customers, Kinetic provides an essential link to the outside world.
What's Your Reaction?
/cdn.vox-cdn.com/uploads/chorus_asset/file/25420631/Screen_Shot_2024_04_26_at_1.29.30_PM.png)
/cdn.vox-cdn.com/uploads/chorus_asset/file/23952247/HT012_google_0003.jpg)
