Once again, home routers are exposed to the risk of cyber attacks. This time the news is related to the Australian consumer broadband modems that resulted affected by the Poodle and Freak vulnerabilities. Many Australian households reported that ISPs are notifying them of possible malicious traffic without providing any other information regarding possible mitigation strategies. In the following image posted by
Many Australian households reported that ISPs are notifying them of possible malicious traffic without providing any other information regarding possible mitigation strategies. In the following image posted by The Register is illustrated a communication sent by the TPG service provider to its customer to inform him of the anomalous traffic.
As explained by The Register, Poodle and Freak still affect numerous home routers including DLink, Netcomm and FritzBox devices. Unfortunately, other configuration problems are threatening the Australian users, security experts are aware that many devices come with external admin enabled by default.
The Australian Communications and Media Authority’s AISI Malware statistics page documents a worrying situation in Australia, more than 200,000 hosts result vulnerable.
“The “Other” chart on that page, first published on March 27, “includes” Freak and Poodle vulnerabilities, but The Register has reason to believe these two bugs represent nearly all of the “other” hosts.” states The Register.
Among the vulnerable devices, there are also many un-patched hosts and several VoIP services, anyway the number of home routers vulnerable to Poodle/Freak remains greater than 100,000.
The problem in a case like this is represented by the lack of awareness of users, the majority of which totally ignore the cyber threats and how to apply mitigation solutions, like a firmware update.
(Security Affairs – PODDLE, home routers)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.