After reading the actual report, I think bruce is making assumptions about the attackers' motivations that may or may not be the case.

https://blog.lumen.com/the-pumpkin-eclipse/

Still, 600k routers  gone in 72 hours is quite a lot. If they were also being actively used in a botnet, good riddance. 

On Sun, Jun 2, 2024 at 1:05 PM Josh Luthman <josh@imaginenetworksllc.com> wrote:
>And then when it became clear that the issue wasn't being addressed, they forcibly turned off those 600,000 routers. I am finding it difficult not to applaud that action.

The concern is that someone would shut off the routers or compromise them, so they compromised and shut them off?



--
https://www.youtube.com/watch?v=BVFWSyMp3xg&t=1098s Waves Podcast
Dave Täht CSO, LibreQos