
Backdoor Within A Backdoor, 600,000 Vulnerable Cable Modems

And you thought you were safe

Your ISP can be the weakest point when it comes to securing your communications. Securing your computer does not mean that you are safe, which is not to say you shouldn’t secure your computer. A Brazilian security researcher, Bernardo Rodrigues, presented his findings on hacking cable modems. He stated that “securing cable modems is more difficult than other embedded devices because, in most cases, you can’t choose your own device/firmware and software updates are almost entirely controlled by your ISP.”

The researcher discovered that a search using Shodan – a search engine that indexes devices reachable on the internet – revealed as many as 600,000 devices affected by the vulnerability. Arris cable modems are used by some of the biggest ISPs, including Comcast and Time Warner Cable. Affected modem models include:

  • TG862A
  • TG860A
  • DG860A

The undocumented backdoor password is based on the last five digits of the modem’s serial number. Logging in to the Telnet/SSH session with this password yields a full BusyBox shell.

“The known backdoor can be used to enable Telnet and SSH remotely via a hidden HTTP administrative interface or via custom SNMP MIBs. The second backdoor is based on the last five digits of the modem’s serial number. Exploiting the second backdoor launches a full BusyBox shell which grants a user / attacker even more capabilities.” – Techspot

“I reported these flaws to CERT/CC on 2015-09-13 but we didn’t receive much feedback from the vendor. CERT/CC was very helpful and responsive (10/10 would disclose again!). I was asked not to release the POCs immediately so I’m going to wait for the vendor to “fix” the issue.” – Bernardo Rodrigues

Author: Shivniel Gounder

TheGeek : Writes about information security, privacy, cybersecurity and latest tech gadgets and more.
