Vulnerability allows attack on routers

Currently there is a series of attacks on different types of routers running certain versions of Arcadyan firmware.

What happened?

On August 8, security researchers from Bad Packets and Juniper Labs reported an ongoing attack on routers and modems running certain versions of the Arcadyan firmware. This attack affects devices from ASUS, Orange, Vodafone, Deutsche Telekom, British Telecom and Verizon. The full list of vulnerable devices can be found in the table here.

 

What are the risks to my business from the router attack?

The vulnerability was discovered earlier this year by security researcher Evan Grant. A security update was made available in April. Until last week, when the researcher published a detailed report on his discovery, the vulnerability had not been attacked. However, this has been the case since last week. If the vulnerability is successfully exploited, the authentication procedures of the affected routers and modems can be bypassed, allowing an attacker to remotely access the devices. 

 

What can I do about the attack on routers?

Since the vulnerability affects multiple device types, there is no simple general solution. Users of the vulnerable devices are advised to contact their respective manufacturers for security updates and other remedies. Attacks have been taking place since last week, so the old security updates may not be enough.

Here's how you can check if your device is affected:  

  • Check the list to see if your device's manufacturer is listed. If so, check whether the device model is affected, for example: Deutsche Telekom Speedport Smart 3.
  • Version and manufacturer can be checked either directly on the sticker of the device or in the properties in your WLAN settings on the computer.

If you have trouble finding a solution for your device and you are a Perseus customer, please contact us.

 

Any questions?
We are here for you.

Arrange a free consultation with our IT security experts. We look forward to meeting you.

+49 030/95 999 80 80 (Mon - Fri 09:00am - 6:00pm)