As first reported by ISPreview, affected customers (including those in Australia and outside the UK) were told to upgrade their devices to the latest firmware, disable SSLVPN/Remote Access, or even switch to routers from other vendors if the issues weren't fixed. Impacted ISPs (including Gamma, Zen Internet, ICUK, and A&A in the United Kingdom and elsewhere) confirmed these reports and linked the Internet connection issues to attacks targeting unspecified vulnerabilities, knocking the routers offline, or a buggy software update pushed by DrayTek that caused impacted devices to enter a boot loop. "We urge customers to upgrade the DrayTek router to the latest firmware, or switch out the router entirely, to restore connectivity. Many Internet service providers (ISPs) worldwide are alerting customers of an outage that started Saturday night and triggered DrayTek router connectivity problems. In October, DrayTek also fixed critical security flaws that affected 24 router models and over 700,000 devices whose web user interface was exposed on the Internet. We have had confirmation from other end users that the latest firmware from DrayTek resolves the fault," Zen Internet said. While DrayTek has yet to reply to BleepingComputer's request for comment, it published a support document on Monday regarding this incident, providing guidance on addressing the router reboot issues. BleepingComputer has contacted DrayTek to ask if the reboot loops were caused by vulnerability exploitation or buggy firmware and will update if we hear back. If you are seeing broadband circuits exhibiting repeat short sessions, please upgrade the firmware to the latest version," ICUK added.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Mon, 24 Mar 2025 18:20:05 +0000