2026-06-24 –, Track 1
The core routers that form the Internet backbone are among the most critical but least scrutinized pieces of infrastructure. While many talks focus on BGP, routing policies or DDoS, comparatively little attention is paid to the attack surface introduced by modern virtualization and management features inside high-end routing platforms.
In this talk I will review the evolution of router malware and then present original research showing a practical attack path to persistent backdoors on modern backbone platforms by abusing virtualization features and two distinct privilege escalation vulnerabilities I discovered that enable installation of such persistent implants.
To avoid creating a roadmap for abuse, this presentation focuses on impact, architecture, detection opportunities and robust mitigations rather than exploit code or step‑by‑step instructions.
I will close with responsible-disclosure outcomes and a prioritized mitigation checklist for network operators and vendors.
Seasoned network engineer, Pierre has been working at securing wan IP networks, from small CPE routers to carrier-grade behemoths at Orange for almost 20 years.
With a purple teamer approach he's always trying to find new ways to break into his networks, then fixing the issues while improving detection.