Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Botnet Security Communications Government Network Privacy Software The Internet Wireless Networking Hardware Technology

DHS Warns of Mirai Botnet Threat To Cellular Modems (securityledger.com) 21

chicksdaddy writes from a report via The Security Ledger: The Mirai malware that is behind massive denial of service attacks involving hundreds of thousands of "Internet of Things" devices may also affect cellular modems that connect those devices to the internet, the Department of Homeland Security (DHS) is warning. An alert issued by DHS's Industrial Control System CERT on Wednesday warned that cellular gateways manufactured by Sierra Wireless are vulnerable to compromise by the Mirai malware. While the routers are not actively being targeted by the malware, "unchanged default factory credentials, which are publicly available, could allow the devices to be compromised," ICS-CERT warned. The alert comes after a number of reports identified devices infected with the Mirai malware as the source of massive denial of service attacks against media websites like Krebs on Security and the French hosting company OVH. The attacks emanated from a global network of hundreds of thousands of infected IP-enabled closed circuit video cameras, digital video recorders (DVRs), network video recorders (NVRs) and other devices. Analysis by the firm Imperva found that Mirai is purpose-built to infect Internet of Things devices and enlist them in distributed denial of service (DDoS) attacks. The malware searches broadly for insecure or weakly secured IoT devices that can be remotely accessed and broken into with easily guessed (factory default) usernames and passwords. The report adds: "Sierra said in an alert that the company has 'confirmed reports of the 'Mirai' malware infecting AirLink gateways that are using the default ACEmanager password and are reachable from the public internet.' Sierra Wireless LS300, GX400, GX/ES440, GX/ES450, and RV50 were identified in the bulletin as vulnerable to compromise by Mirai. Furthermore, devices attached to he gateway's local area network may also be vulnerable to infection by the Mirai malware, ICS-CERT warned. Sierra Wireless asked affected users to reboot their gateway. Mirai is memory resident malware, meaning that is erased upon reboot. Furthermore, administrators were advised to change the password to the management interface by logging in locally, or remotely to a vulnerable device."
This discussion has been archived. No new comments can be posted.

DHS Warns of Mirai Botnet Threat To Cellular Modems

Comments Filter:
  • Whenever I see the term Cell I think of a prison or something else you are locked into.

    Here we call it Mobile.

    • You're thinking correctly in that, it's right in line with why we commonly call liberating a device to run software the owner wants to run without the approval of the device's proprietor(s) "jailbreaking"—a clear acknowledgement that the device shackles the user. The real harm comes from the inequity making the owner of the computer (typically the user) subservient to whatever proprietors are involved in making and selling the device. But the device's true purpose is spying on the user's movements and

  • by whoever57 ( 658626 ) on Friday October 14, 2016 @09:38AM (#53075735) Journal
    I did not realize that Toyota had sold enough Mirai fuel-cell cars [wikipedia.org] to make a botnet.
  • I remember when those letters stood for the Department of Human Services.

    Something actually useful, in other words.

  • We can't solve all problems with laws, but some laws could reduce the problem. Here are some ideas: http://www.dwheeler.com/essays... [dwheeler.com]
  • Yes, we can!

  • How is this even considered a hack? It is basically just scanning for default passwords. Its the equivalent of buying a house with the locks on all of the exterior doors removed after a foreclosure. The seller/bank provides you with new locks in a sack for you to install, but instead, you leave all the doors without locks... So anyone who tries the handle can come in. No one would wonder why they were robbed in that situation, the same is true of any connected electronic device. Change the admin usern

    • by sjames ( 1099 )

      Same reason it's still breaking and entering even if the door isn't locked.

      • There have been a number of cases both with cars and homes where the door is left wide open (which is equivalent). It cannot be charged as B&E as there is no lock involved. If the police do it, it is often thrown out as entrapment, if a private citizen does it, it may get charged as trespassing in the home or attempted theft in the car (assuming they didn't actually steal the vehicle, just got in it.) If you have ever seen the show bait car, the cops always wait until the thief actually drives off in

  • by Anonymous Coward

    These gateways are very popular for ATM kiosks. Did you know that many of those machines still use unpatched XP and use older (hacked) secure transmission protocols?

    My advice is to never use those kiosks, only use an ATM that is in or is attached to a bank building.

Don't get suckered in by the comments -- they can be terribly misleading. Debug only code. -- Dave Storer

Working...