It is currently 16-12-2017 12:08

Hackers are exploiting a vulnerability in the modems Arris to steal digital certificates

Hackers are exploiting a vulnerability in the modems Arris to steal digital certificates

by sigismund » 2016-09-16 16:09:31


about 35 thousand cable modems Arris are still under the threat of cyber attacks.


Hackers continue to exploit a vulnerability in cable routers Arris TG862 to steal information about the device configuration, and digital certificates. In the attacks used BY malware LuaBot (version ARMEB). We will remind, in November 2015, the independent researcher from Brazil Bernardo Rodriguez Bernardo Rodrigues found the backdoor in the modem manufacturing company Arris. As it was reported, the vulnerability affected more than 600 thousand units.

Some time ago the manufacturer released a patch that resolves this issue, however, about 35 thousand modems in the United States, Mexico and Brazil remain vulnerable, than not fail to exploit. As suggested by Bernardo Rodrigues, the number of infected devices can greatly exceed that figure, since Luabot blocks external access to the device.

For the first time about the malware LuaBot said the researcher under the pseudonym MalwareMustDie! in early September of this year. This family represents the most new malware for Linux, infecting servers and devices "Internet of things", and can also perform DDoS attacks. According to Rodriguez, in the attacks on the Arris modems try to use the latest version ON ARMEB. The stolen data, the criminals selling to manufacturers specializing in the production of duplicates of the popular modems.
sigismund
moderators
Сообщений: 788
Депозит: 0 BTC

Rating: 5