Once again, home routers are exposed to the risk of cyber attacks. This time the news concerns Australian consumer broadband modems that were found to be affected by the Poodle and Freak vulnerabilities.
Many Australian households reported that ISPs are notifying them of possible malicious traffic without providing any other information regarding possible mitigation strategies. An image posted by The Register shows a communication sent by the TPG service provider to one of its customers to inform him of the anomalous traffic.
As explained by The Register, Poodle and Freak still affect numerous home routers, including DLink, Netcomm and FritzBox devices. Unfortunately, other configuration problems also threaten Australian users: security experts are aware that many devices come with external admin enabled by default.
The Australian Communications and Media Authority’s AISI Malware statistics page documents a worrying situation in Australia: more than 200,000 hosts are vulnerable.
“The ‘Other’ chart on that page, first published on March 27, ‘includes’ Freak and Poodle vulnerabilities, but The Register has reason to believe these two bugs represent nearly all of the ‘other’ hosts,” states The Register.
Among the vulnerable devices there are also many unpatched hosts and several VoIP services; in any case, the number of home routers vulnerable to Poodle/Freak remains greater than 100,000.
The problem in a case like this is users' lack of awareness: the majority are entirely unaware of the cyber threats and of how to apply mitigations such as a firmware update.
(Security Affairs – POODLE, home routers)