Security News Mirai IoT DDoS Trojan Now Targets Cellular Network Equipment

Exterminator

Exterminator

Community Manager
Thread author
Verified
Staff Member
Well-known
Oct 23, 2012
12,527
Sierra Wireless, one of the biggest hardware manufacturers of mobile equipment, has issued an alert yesterday, warning customers not to use default passwords with their devices or be at risk of infection from the infamous Mirai malware.

The company says that Airlink wireless routers and gateways deployed with 3G and 4G LTE cellular networks are at risk.

Sierra says that network operators that use these devices across their infrastructure, and are using them with their default credentials, are at risk of having the devices taken over and employed in DDoS attacks.

The company lists Sierra Airlink models LS300, GX400, GX/ES440, GX/ES450, and RV50 as vulnerable to Mirai takeovers.

Devices with default password at at grave risk
"Because the malware resides only in memory, rebooting the gateway will remove the infection," the company writes in an advisory published on its website.

"However, if the gateway continues to use the default ACEmanager password, it will likely become re-infected," Sierra experts add.
The dangers of having 3G and 4G wireless gateways taken over by Mirai is huge. These devices are very popular, especially Sierra-made equipment, and are spread all over the world in large numbers.

While they may not be the brains behind a cellular network, they are its backbone. Additionally, they have huge bandwidth at their disposal in order to route everyone's mobile and Internet traffic, making them the perfect targets for a DDoS trojan.

Real danger behind taking over 3G/4G network's backbone
Because of this, the US Department of Homeland Security's ICS-CERT department hasrepublished the Sierra advisory on its website, so other vendors and Sierra customers could take notice and prevent any potential infections.

For its part, Sierra has confirmed Mirai infections of Airlink devices, proving the danger is clear and present.

The Mirai Linux trojan targets IoT devices and was used to build a massive botnet that had been behind two of the largest DDoS attacks known to date, against French ISP OVH and journalist Brian Krebs' website.
Click to expand...
 
  • Like
Reactions: Solarquest, shukla44 and Der.Reisende
Solarquest

Solarquest

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 22, 2014
2,525
Scary scenario. ...also considering that we user cannot do anything against it.
Great share, thank you.
 
  • Like
Reactions: Der.Reisende
You must log in or register to reply here.

Similar threads

MuzzMelbourne
    • Like
    • +Reputation
Mirai botnet targets 22 flaws in D-Link, Zyxel, Netgear devices
Replies
2
Views
1,203
News Archive
vtqhtr413
vtqhtr413
Orchid
    • Like
New Mirai malware variant infects Linux devices to build DDoS botnet
Replies
5
Views
637
News Archive
MuzzMelbourne
MuzzMelbourne
MuzzMelbourne
    • Like
    • +Reputation
New ‘HinataBot’ botnet could launch massive 3.3 Tbps DDoS attacks
Replies
0
Views
866
News Archive
MuzzMelbourne
MuzzMelbourne

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top