|
||||||||
TalkTalk and Post Office routers hit by cyber-attack |
![]() |
|
|
Thread Tools | Search this Thread |
|
|
#1 |
|
Forum Member
Join Date: Dec 2007
Location: Herefordshire
Posts: 22,785
|
TalkTalk and Post Office routers hit by cyber-attack
Other providers routers have been hit as well,
Here is some more info At the moment I am using my old plusnet router as i am having problems with my TP link, Sagecom seems to be ok at the moment. so keep a eye out peoples. |
|
|
|
|
Please sign in or register to remove this advertisement.
|
|
|
#2 |
|
Forum Member
Join Date: Jan 2009
Posts: 507
|
Quote:
Other providers routers have been hit as well,
Here is some more info At the moment I am using my old plusnet router as i am having problems with my TP link, Sagecom seems to be ok at the moment. so keep a eye out peoples. http://downdetector.co.uk/problems/talktalk |
|
|
|
|
|
#3 |
|
Forum Member
Join Date: Oct 2006
Location: South Wales/Gran Canaria
Posts: 8,294
|
No problems here, usual rock solid connection, put this attack in perspective
http://www.bbc.co.uk/news/technology-38130352 Seems to be hitting linux based systems? |
|
|
|
|
|
#4 |
|
Forum Member
Join Date: Jan 2009
Posts: 507
|
I have windows 10 and talk talk , yesterday internet and PC was slow and its a little faster today but still not what is should be .
|
|
|
|
|
|
#5 |
|
Forum Member
Join Date: Dec 2012
Posts: 3,455
|
TalkTalk says it only affects the D-Link DSL-3780 router, which they say few people have, not the more common Huawei HG533. Not sure if they look the same but the one on the BBC page looks the same as my Huawei. The model number can be found on the sticker on the routers base.
|
|
|
|
|
|
#6 |
|
Forum Member
Join Date: Jan 2009
Posts: 507
|
Quote:
TalkTalk says it only affects the D-Link DSL-3780 router, which they say few people have, not the more common Huawei HG533. Not sure if they look the same but the one on the BBC page looks the same as my Huawei. The model number can be found on the sticker on the routers base.
http://www.dailymail.co.uk/news/arti...l-routers.html |
|
|
|
|
|
#7 |
|
Forum Member
Join Date: Dec 2012
Posts: 3,455
|
Quote:
Some papers say up to 360,000 TalkTalk customers have been hacked.
http://www.dailymail.co.uk/news/arti...l-routers.html https://community.talktalk.co.uk/t5/...k/td-p/1985412 |
|
|
|
|
|
#8 |
|
Forum Member
Join Date: Oct 2004
Posts: 14,633
|
I guess that the money TT didn't spend on securing their website from trivial attacks, wasn't spent on securing their routers either.
A bigger bonus for Dido? |
|
|
|
|
|
#9 |
|
Forum Member
Join Date: Dec 2012
Posts: 3,455
|
Quote:
I guess that the money TT didn't spend on securing their website from trivial attacks, wasn't spent on securing their routers either.
A bigger bonus for Dido? If you think your IT provider is safe you are living in a fools paradise, none are, anywhere. http://www.reuters.com/article/us-de...-idUSKBN13O0X4 |
|
|
|
|
|
#10 |
|
Forum Member
Join Date: Oct 2004
Posts: 14,633
|
Quote:
Hardly any TalkTalk routers were affected, it was the Post Office service that had the greatest number of hits and even that was nothing compared with Deutsche Telekom as I'm sure you know. The hackers will target other routers soon resulting in other services going down, hopefully BT and co will fix the problem as quickly as PO and TT did.
If you think your IT provider is safe you are living in a fools paradise, none are, anywhere. http://www.reuters.com/article/us-de...-idUSKBN13O0X4 I'm not sure why you're mentioning a German telco when my post clearly mentioned the UK. The "hackers" can only "target" routers that are actually vulnerable. This does not mean that all ISP supplied equipment is vulnerable, because the changes needed to make them not vulnerable are actually quite easy to implement (and more responsible ISPs, with such things as an actual security budget, will have done so). This is why TalkTalk got massively hacked a few months back and others did not. |
|
|
|
|
|
#11 |
|
Forum Member
Join Date: Dec 2012
Posts: 3,455
|
Quote:
The Post Office is a rebadged TalkTalk service. Same routers, practically identical firmware in all likelihood. TalkTalk were affected too.
I'm not sure why you're mentioning a German telco when my post clearly mentioned the UK. The "hackers" can only "target" routers that are actually vulnerable. This does not mean that all ISP supplied equipment is vulnerable, because the changes needed to make them not vulnerable are actually quite easy to implement (and more responsible ISPs, with such things as an actual security budget, will have done so). This is why TalkTalk got massively hacked a few months back and others did not. |
|
|
|
|
|
#12 |
|
Forum Member
Join Date: Oct 2004
Posts: 14,633
|
Quote:
Routers are mass produced international devices, the ones used by the PO were not the same as those used by TT but presumably had similar software as no doubt did the german ones. The story has gone now from the news services, I suspect you have a problem with TT, just use someone else if you don't like them but from what I read on this forum they are all troublesome.
Other ISPs seem to have managed this. TalkTalk has not. I am not a TT customer nor will I ever be one - but that doesn't disqualify me from criticising the fact that they still fail to get the basics right. |
|
|
|
|
|
#13 |
|
Forum Member
Join Date: May 2013
Location: Caught Somwehere In Time
Posts: 381
|
The issue is that TR069/CWMP remote management is enabled by default on all ISP provided routers, which would be fine if they didn't all use the same default username and password to access.
There have been numerous warnings concerning TR069 vulnerabilities over the years. I always disable TR069/CWMP or any form of remote management on any router I use, and I would never use any ISP provided routers either. |
|
|
|
|
|
#14 |
|
Forum Member
Join Date: Dec 2007
Location: Herefordshire
Posts: 22,785
|
Just posted to warn people that is all, so people know about it.
|
|
|
|
|
|
#15 |
|
Forum Member
Join Date: Jan 2009
Posts: 507
|
TalkTalk customers urged to change Wi-Fi passwords. Ken Munro, a security researcher at Pen Test Partners, said passwords had been stolen from the faulty routers, which could give cyber criminals access to all of the information on customers' home networks, including further passwords and financial details. TalkTalk has not updated its website with advice, but said some customers are being advised to change their Wi-Fi passwords.
http://www.bbc.co.uk/news/technology-38208958 |
|
|
|
|
|
#16 |
|
Forum Member
Join Date: Feb 2005
Posts: 439
|
I believe I have one of these affected routers as from last Friday, I was experiencing very slow connections, not to all sites but the likes of Facebook and Yahoo Mail. Suspecting something, I took the router out of action and replaced it with my trusty Belkin. I also changed the DNS settings on the router.
|
|
|
|
|
|
#17 |
|
Forum Member
Join Date: Oct 2006
Location: London
Posts: 1,436
|
Do you have to change the wireless network password (wpa key) or just the router login password?
I don't even think my router is supposed to be affected but it's slow so just in case, I reset it, then reset the login password, and disabled uPnP, but the router already connects to the internet before you have time to reset the password, so maybe I got reinfected. Also I didn't change the wireless network password (wpa key) as this is written on the back of the router and it seems a lot of hassle to have to stick something over it. Is there anything else I should do and do I need uPnP? What about for file sharing? |
|
|
|
|
|
#18 |
|
Forum Member
Join Date: Dec 2007
Location: Bracknell
Posts: 172
|
Quote:
TalkTalk customers urged to change Wi-Fi passwords.
There is a lot of duff information being put out by the media.. |
|
|
|
|
|
#19 |
|
Forum Member
Join Date: Oct 2004
Posts: 14,633
|
Quote:
This is an attack via the WAN interface, changing the WiFi password will do absolutely nothing to prevent it. Changing the router admin password from the default is always a good idea (which will stop all sorts of attacks) but in this case it is the interface used by the ISP to upgrade the router firmware that is involved and this will probably have a different password from the normal admin password and may not be accessible by the user.
There is a lot of duff information being put out by the media.. It's possible thanks to Google and co to trace a wireless SSID to a physical location. If you know the location, you can get into WiFI range of it. If you have the wifi password, because your botnet has grabbed it for you, you can then log onto the network and potentially do things that the account holder would rather you didn't. It's a very unlikely thing to occur, all things considered, but it is possible. |
|
|
|
|
|
#20 |
|
Forum Member
Join Date: May 2007
Posts: 376
|
Basically anyone who stays with TT after their last hack by kids deserves all they get. Get rid before its to late, bound to be another attach as their IT security still seems under invested and below par.
|
|
|
|
|
|
#21 |
|
Forum Member
Join Date: Oct 2006
Location: London
Posts: 1,436
|
Quote:
Basically anyone who stays with TT after their last hack by kids deserves all they get. Get rid before its to late, bound to be another attach as their IT security still seems under invested and below par.
|
|
|
|
|
|
#22 |
|
Forum Member
Join Date: May 2004
Location: Storbritannia
Posts: 28,916
|
Quote:
TalkTalk customers urged to change Wi-Fi passwords. Ken Munro, a security researcher at Pen Test Partners, said passwords had been stolen from the faulty routers, which could give cyber criminals access to all of the information on customers' home networks, including further passwords and financial details. TalkTalk has not updated its website with advice, but said some customers are being advised to change their Wi-Fi passwords.
http://www.bbc.co.uk/news/technology-38208958 |
|
|
|
|
|
#23 |
|
Forum Member
Join Date: May 2004
Location: Storbritannia
Posts: 28,916
|
Quote:
Basically anyone who stays with TT after their last hack by kids deserves all they get. Get rid before its to late, bound to be another attach as their IT security still seems under invested and below par.
|
|
|
|
|
|
#24 |
|
Forum Member
Join Date: Jan 2009
Posts: 507
|
TalkTalk's handling of the wi-fi password breach is being criticised by several cyber-security experts.
http://www.bbc.co.uk/news/technology-38223805 |
|
|
|
|
|
#25 |
|
Forum Member
Join Date: Aug 2004
Location: County Antrim.
Posts: 257
|
Never mind change the wireless key. If I was a TalkTalk customer i would ditch their router fast and get a standard off the shelf model from the like of PC World. IMHO ISP supplied routers are not worth the hassle.
|
|
|
|
![]() |
|
All times are GMT. The time now is 05:36.


