In this talk I’ll describe the events surrounding a destructive attack that took 600,000 routers offline in less than 3 days, all belonging to a single ISP, with most devices rendered permanently inoperable. I’ll describe the malware used, and talk about how we saw the event unfold, why months went by before anyone was able to publish research on the event, and how it still has not been acknowledged by the victim ISP.