- "기밀 VM의 빈틈을 메운다" 마이크로소프트의 오픈소스 파라바이저 '오픈HCL'란?
- The best early Black Friday AirPods deals: Shop early deals
- The 19 best Black Friday headphone deals 2024: Early sales live now
- I tested the iPad Mini 7 for a week, and its the ultraportable tablet to beat at $100 off
- The best Black Friday deals 2024: Early sales live now
No evidence that TP-Link routers are a Chinese security threat
One research report cited by O’Rielly came from Check Point, which discovered that a Chinese state-sponsored APT group it tracks as Camaro Dragon implanted a malicious backdoor called Horse Shell that was tailored for TP-Link routers. Check Point notes that Horse Shell “is a binary compiled for MIPS32 MSB operating system and written in C++. Many embedded devices and routers run MIPS-based operating systems, and TP-Link routers are no different.”
Malware could have just as easily been planted on other brands’ equipment
The author of that report, Itay Cohen, research lead at Check Point, tells CSO that the Chinese threat group could have just as easily implanted the malware on routers from US-based Cisco, which are manufactured in Korea, China, Taiwan, Malaysia, and Singapore, or US-based Netgear, which outsources its router manufacturing to electronics companies in other countries, including China or Taiwan.
“In many cases, the same attackers are using different router vendors,” Cohen says. “There is a chance that in the attack we analyzed, more router vendors were infected in the chain. Even though we found it for TP-Link-specific versions, the code was not written specifically for TP-Link. It was generic enough that it theoretically could have been written as a framework that the attackers deploy on other routers or other vendors.”