Thousands of AT&T customers at hacking risk due to router flaws


Router Flaws

Thousands of routers, many of which belong to AT&T U-verse customers, can be easily and remotely hacked through several critical security vulnerabilities.

Five flaws were found in common consumer Arris routers, used by AT&T customers and other internet providers around the world. According to cyber-security researchers, Arris NVG589 and NVG599 modems with the latest 9.2.2 firmware affected. But, it’s not clear who’s responsible for the bugs.

Some flaws may introduce after the routers delivered to the internet provider, which often adds customized code for remote interactions. Among the vulnerabilities hardcoded credentials, allows “root” remote access to an affected device, giving an attacker full control over the router.

AT&T expands high-speed internet to 70K locations in rural U.S.

An attacker can connect to an affected router and log-in with a publicly-disclosed username and password, granting access to the modem’s menu-driven shell. An attacker can view and change the Wi-Fi router name and password, and alter the network’s setup, such as rerouting internet traffic to a malicious server.

unencrypted web traffic

The shell also allows the attacker to control a module that’s dedicated to injecting advertisements into unencrypted web traffic. There was “no clear evidence” to suggest the module was running but noted that it was still vulnerable, allowing an attacker to inject their own money-making ad campaigns or malware.

Buggy routers don’t always lead to unauthorized network access, but can instead be hijacked as part of botnet operations, like Mirai, which when powered up can target and throw websites and services offline.

One estimation put the figure at around 138,000 routers are vulnerable to attackers. The numbers more nuanced, and the vulnerabilities not limited to the hard coded credentials flaw.

Another bug affects every single AT&T U-verse device, putting potentially millions of customers at risk. This most widespread vulnerability has the easiest fix. It hard to believe that no one affect on this vulnerability at the detriment of innocents, based on the severity of the flaws.

More information: [router flaws]