Backbones under attack: software vulnerabilities in core routers
The core routers that form the Internet backbone are among the most critical but least scrutinized pieces of infrastructure. While many talks focus on BGP, routing policies or DDoS, comparatively little attention is paid to the attack surface introduced by modern virtualization and management features inside high-end routing platforms.
In this talk I will review the evolution of router malware and then present original research showing a practical attack path to persistent backdoors on modern backbone platforms. The path abuses virtualization features and two distinct privilege escalation vulnerabilities I discovered, which enable installation of such persistent implants.
To avoid creating a roadmap for abuse, this presentation focuses on impact, architecture, detection opportunities and robust mitigations rather than exploit code or step-by-step instructions.
I will close with responsible-disclosure outcomes and a prioritized mitigation checklist for network operators and vendors.