Vulnerability: criminals hijacked Vodafone EasyBox router.
Harassment calls and expensive calls to international numbers: Hacker exploits the vulnerability of routers from Vodafone, hijacks and misuses the equipment. Vodafone knew the weak spot in routers for months and wasn't able to prevent it. Although the company reports that the vulnerability will be fixed in the end of August.
Hamburg,Germany - Vodafone now officially reports the serious vulnerability in their own routers, as a "potential vulnerability". Unknown attacker exploited the vulnerability in the routers for a longtime to bombard others with harassment calls and all other type of illegal activities since the calls can't be traced.
An it service provider in the Krefeld city reports that his company was bombarded with calls from unknown person. He tried to locate the owner of the phone number from which he got calls and came to know that they were all Vodafone customers and users of the Vodafone EasyBox router.
Vodafone: All hacking attempts intercepted and blocked.
Vodafone reported to the affected customers were that the company have intercepted and blocked all hacking attempts further made by hackers. Vodafone assured, that none of the customers had any financial loss due to these activities made by the criminals.
Obviously someone in the Krefeld city knew the vulnerability in the EasyBox router and cracked it. This is possible within the region of each WLANs without having access to home or office or breaking and entering anyone's home.
The Federal Office for Security in Information Technology (BSI) has warned in early August that such attacks are possible. Currently, it is still unclear how the perpetrators could miss broke the router for calls.
According to Vodafone, the EasyBox models 600-602 and 800-803 are concerned, they have been produced before August 2011. BSI and Vodafone are going to provide info pages ,notes, on how to secure the routers. Vodafone promises to deliver an updated system software for the devices involved in the hacking attempt made in last week of August. Although Vodafone knew about this vulnerability since December 2012 but the company pointed it out it was verified by the company by consulting the security experts SEC.
No comments:
Post a Comment