Orange Spain Faces BGP Traffic Hijack After RIPE Account Hacked by Malware

January 5, 2024 at 05:27AM

On January 3, Orange Spain experienced an internet outage due to a threat actor using stolen admin credentials to manipulate BGP traffic. Personal data was not compromised, but browsing services were affected. The incident was linked to an employee’s system infiltration by Raccoon Stealer malware. Security flaws in RIPE’s system …

Administrator Account For Middle East Internet Registry Hacked

January 4, 2024 at 01:32PM

RIPE, the Regional Internet Registry for Europe, the Middle East, and Central Asia, is investigating a compromised administrator account that disrupted network traffic. The compromise affected some services and potentially other accounts, prompting RIPE to contact affected account holders. Additionally, a threat actor announced unauthorized access to a RIPE administrator …

Infostealer malware, weak password leaves Orange Spain RIPE for plucking

January 4, 2024 at 08:18AM

The massive outage at Orange Spain, affecting around half its network’s traffic, was caused by an infostealer malware gaining access to an employee’s account with the weak password “ripeadmin.” This breach allowed an attacker operating under the alias “Snow” to manipulate the network’s border gateway protocol (BGP) traffic. The incident …

RIPE Account Hacking Leads to Major Internet Outage at Orange Spain 

January 4, 2024 at 06:42AM

Orange Spain experienced a prolonged internet outage due to a hacker attack on January 3. The hacker, known as ‘Snow’, gained control of Orange’s RIPE account, disrupting internet traffic using stolen credentials. Orange confirmed the attack, stating that customer data was not compromised, and the impacted services have been restored. …

Hacker hijacks Orange Spain RIPE account to cause BGP havoc

January 3, 2024 at 02:46PM

Orange Spain experienced an internet outage due to a hacker breaching its RIPE account and misconfiguring BGP routing and RPKI settings. This allowed the hacker to divert traffic to malicious destinations. The hacker, known as ‘Snow,’ disabled RPKI, causing a performance issue. Orange Spain is restoring services and investigating the …