BTW.Media
Strategic Internet IntelligenceMay 12, 2026
Sign InRegister

Trends

Unidentified hackers disable 600,000 US routers

Lumen Technologies’ Black Lotus Labs discovered the attack, attributing it to a malicious firmware update targeting routers.

cyberattact
AuthorSissy Li
Reading Time2 min
PublishedMay 31, 2024
Primary DomainN/A
Content TypeN/A
TopicN/A
EntityN/A
RegionN/A
Time HorizonN/A
ImpactN/A
ConfidenceN/A

Headline

Lumen Technologies’ Black Lotus Labs discovered the attack, attributing it to a malicious firmware update targeting routers.

Context

Lumen Technologies’ Black Lotus Labs uncovered a significant cyberattack targeting a telecommunications company in the US heartland. This clandestine assault, occurring last October, resulted in the disabling of more than 600,000 internet routers, amplifying concerns over the vulnerability of critical infrastructure to malicious digital incursions. Security analysts from Lumen Technologies’ Black Lotus Labs identified a massive cyberattack that disabled over 600,000 internet routers in the US heartland. The incident, occurring from October 25 to 27, impacted numerous Midwest states, disrupting internet access and potentially affecting emergency services, farming operations, and healthcare providers in rural and underserved areas.

Evidence

Pending intelligence enrichment.

Analysis

Also read: Ukraine’s Kyivstar allocates $90 million to tackle cyberattack fallout Also read: Cyberattack on Change Healthcare sparks concerns over security The attack involved a malicious firmware update that rendered the routers inoperable by deleting crucial operational code. The precise method by which this firmware update was delivered to users remains unclear. The malware continued to circulate on the internet months after the attack through certain file links left visible by the hackers. Lumen Technologies reported with high confidence that the firmware update was a deliberate act intended to cause an outage. The researchers emphasised the serious consequences of such destructive attacks, particularly for communities heavily reliant on internet access for essential services.

Key Points

  • Unidentified hackers launched a cyberattack in October, disabling over 600,000 internet routers across the US heartland.
  • Lumen Technologies’ Black Lotus Labs discovered the attack, attributing it to a malicious firmware update targeting routers.
  • The attack severely impacted rural and underserved communities, disrupting emergency services, farming operations, and healthcare access.

Actions

Pending intelligence enrichment.

Author

Sissy Li (s.li@btw.media)· author profile pending