Security researchers at Mandiant have discovered a series of custom backdoors deployed on end-of-life Juniper Networks Junos OS routers by a Chinese cyberespionage group that has historically targeted network devices.
According to Mandiant documentation, the backdoors were planted on end‑of‑life hardware and software and included bypasses for Junos OS’s veriexec subsystem, a kernel‑based file integrity protection mechanism.
Technical analysis shows that the attackers gained privileged access through legitimate credentials, entering the FreeBSD shell via the Junos OS CLI. Once inside, they employed process injection techniques to avoid triggering veriexec alerts.
[...]
Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers
Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers
-
rbc
- Secretary
- Posts: 349
- Joined: Mon Oct 30, 2023 1:32 am
- Location: Vicksburg, MS
- ISC2 Member Status: Yes
- Contact:
Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers
Robert B. Carleton + ISC2 Central Mississippi Secretary