Quad7 botnet targets more SOHO and VPN routers, media servers
The Quad7 botnet is expanding its targeting scope with the addition of new clusters and custom implants that now also target Zyxel VPN appliances and Ruckus wireless routers. [...]
Zyxel makes networking devices and software whose vulnerabilities, security advisories, and updates can affect access controls, data, and connected networks.
Search across headline titles and summaries.
Background for this topic.
Zyxel is a networking-equipment vendor whose products include routers, firewalls and VPN gateways, switches, wireless access points, and some network-attached storage devices. These systems provide connectivity and, in many deployments, sit at the network edge or enforce access between internal networks and the internet. Their firmware and web-based administration interfaces are therefore central to how the equipment is configured and secured.
Security advisories for Zyxel devices matter because flaws in firmware or management services can enable unauthorized administration, configuration changes, or access through exposed WAN, VPN, or web interfaces. Risk depends on the affected model, firmware version, exposure, and configuration; it is not uniform across the product range. Defenders should maintain an accurate device inventory, track model-specific advisories, restrict management access to trusted networks, disable unnecessary internet-facing services, and apply supported updates promptly. Devices that are end-of-support or cannot be patched may require isolation or replacement, while logs and configuration changes can help identify attempted compromise.
The Quad7 botnet is expanding its targeting scope with the addition of new clusters and custom implants that now also target Zyxel VPN appliances and Ruckus wireless routers. [...]