Cisco 1841, 2811, 3825 routers and more are infected with backdoors in several countries worldwide

[Sushubh]

Cisco routers in at least 4 countries infected by highly stealthy backdoor | Ars Technica

The SYNful knock malware has been found on 14 routers in four countries, including Ukraine, the Philippines, Mexico, and India and is likely being used to infect other parts of the targeted networks, researchers from security firm FireEye wrote in a report published Tuesday morning. The malicious router implants are loaded each time the device is powered on and support up to 100 modules, which can be tailored to individual targets. Cisco Systems officials have confirmed the findings and published intrusion detection signatures that customers can use to block attacks in progress.

Cisco router break-ins bypass cyber defenses | Reuters
Attackers are hijacking critical networking gear from Cisco, company warns | Ars Technica
SYNful Knock: Detecting and Mitigating Cisco IOS Software Attacks
SYNful Knock - A Cisco router implant - Part I « Threat Research | FireEye Inc