Options
TalkTalk and Post Office routers hit by cyber-attack
noise747
Posts: 30,851 Forum Member
✭✭✭
Other providers routers have been hit as well,
Here is some more info
At the moment I am using my old plusnet router as i am having problems with my TP
link, Sagecom seems to be ok at the moment.
so keep a eye out peoples.
Here is some more info
At the moment I am using my old plusnet router as i am having problems with my TP
link, Sagecom seems to be ok at the moment.
so keep a eye out peoples.
0
Comments
talk talk are getting worse by the day and they have just put up there prices .
http://downdetector.co.uk/problems/talktalk
http://www.bbc.co.uk/news/technology-38130352
Seems to be hitting linux based systems?
Some papers say up to 360,000 TalkTalk customers have been hacked.
http://www.dailymail.co.uk/news/article-3991714/Hundreds-thousands-TalkTalk-Post-Office-broadband-users-knocked-internet-cyber-attack-seizes-control-routers.html
The Mail is hardly a source of accurate information on any topic, amazed it didn't blame the BBC, it does for everything else. Most affected routers seem to have been in Germany, a solution has been found.
https://community.talktalk.co.uk/t5/Unlimited-Broadband/Router-Hack/td-p/1985412
A bigger bonus for Dido?
Hardly any TalkTalk routers were affected, it was the Post Office service that had the greatest number of hits and even that was nothing compared with Deutsche Telekom as I'm sure you know. The hackers will target other routers soon resulting in other services going down, hopefully BT and co will fix the problem as quickly as PO and TT did.
If you think your IT provider is safe you are living in a fools paradise, none are, anywhere.
http://www.reuters.com/article/us-deutsche-telekom-outages-idUSKBN13O0X4
The Post Office is a rebadged TalkTalk service. Same routers, practically identical firmware in all likelihood. TalkTalk were affected too.
I'm not sure why you're mentioning a German telco when my post clearly mentioned the UK.
The "hackers" can only "target" routers that are actually vulnerable. This does not mean that all ISP supplied equipment is vulnerable, because the changes needed to make them not vulnerable are actually quite easy to implement (and more responsible ISPs, with such things as an actual security budget, will have done so).
This is why TalkTalk got massively hacked a few months back and others did not.
Routers are mass produced international devices, the ones used by the PO were not the same as those used by TT but presumably had similar software as no doubt did the german ones. The story has gone now from the news services, I suspect you have a problem with TT, just use someone else if you don't like them but from what I read on this forum they are all troublesome.
When you're a large ISP like TalkTalk, you get the ability to exert greater control and oversight over the quality of the hardware and software. Companies will design their products to your exact needs. You also have control over things like the way TR069 is implemented - and if you had a security team who knew what they were doing, they would have tested and ensured that such interfaces are not accessible from the public internet, i.e. they could only be accessed from a TalkTalk management server (which is itself routinely audited)
Other ISPs seem to have managed this. TalkTalk has not.
I am not a TT customer nor will I ever be one - but that doesn't disqualify me from criticising the fact that they still fail to get the basics right.
There have been numerous warnings concerning TR069 vulnerabilities over the years.
I always disable TR069/CWMP or any form of remote management on any router I use, and I would never use any ISP provided routers either.
http://www.bbc.co.uk/news/technology-38208958
I don't even think my router is supposed to be affected but it's slow so just in case, I reset it, then reset the login password, and disabled uPnP, but the router already connects to the internet before you have time to reset the password, so maybe I got reinfected. Also I didn't change the wireless network password (wpa key) as this is written on the back of the router and it seems a lot of hassle to have to stick something over it.
Is there anything else I should do and do I need uPnP? What about for file sharing?
There is a lot of duff information being put out by the media..
I'd speculate that you've missed the point a bit.
It's possible thanks to Google and co to trace a wireless SSID to a physical location. If you know the location, you can get into WiFI range of it. If you have the wifi password, because your botnet has grabbed it for you, you can then log onto the network and potentially do things that the account holder would rather you didn't.
It's a very unlikely thing to occur, all things considered, but it is possible.
Not fair - we don't all have limitless funds to send Richard Branson into space or finance a diamond-encrusted cock-ring for Rupert Murdoch to use on Jerry Hall; some of us just have to be content with getting Dido a new pony instead
I agree with that advice - reset and change router password. I've told two non-technical people I know what they can do since they are TalkTalk customers.
^ I do have have sympathy with that view but perhaps the best thing to happen would be for them either to hire some clued up IT security specialists or to go under since they are a liability.
http://www.bbc.co.uk/news/technology-38223805
You need one that can handle IPTV if you have a Youview box...not sure if they'd all be compatible.