I am curious if other Operators are seeing issues on their networks due to users with Android STBs called SuperBox? It appears there are some recent findings about a malware called KIMWOLF.
We are seeing several customers report issues due to their IP being added to a block list. Our Trouble department may swap out the customer's router, thinking it could be bad. The new router gets a new IP, and It temperarlly fixes the issue. I am curious if other users have found a good way to identify this traffic? I am also curious if you have implemented any Block lists that could be shared with the Group that could help stop the traffic? Thanks for any ideas you can share. _______________________________________________ NANOG mailing list https://lists.nanog.org/archives/list/[email protected]/message/K44SCILZZOAWFOKZ5U7HHXTKDCGGF6BS/
