Idiots didn’t even use keypair auth for their backdoor… the ‘key’ was right there in every copy of the firmware that left the factory or the support page.
Honestly, given that Russians of dubious motive were chatting about it in early 2010, I’m surprised than nothing more visible has happened, if only for the lulz.
