info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Six million Sky routers had serious security flaw
5 views
Skip to first unread message
Java Jive
Nov 19, 2021, 8:50:05 AM11/19/21
to
Six million Sky routers had serious security flaw
https://www.bbc.co.uk/news/technology-59332840
"About six million Sky routers had a significant software bug that could
have allowed hackers to take over home networks, a security company has
revealed.
The problem has been fixed - but researchers say it took Sky 18 months
to address.
[...]
Affected models were:
Sky Hub 3 (ER110)
Sky Hub 3.5 (ER115)
Booster 3 (EE120)
Sky Hub (SR101)
Sky Hub 4 (SR203)
Booster 4 (SE210)
Although, these last two devices came with a randomly generated admin
password, which would have made it harder for a hacker to exploit.
[...]
Stealing passwords
The flaw in software code, found by researcher Raf Fini, from Pen Test
Partners, would have allowed a hacker to reconfigure a home router
simply by directing the user to a malicious website via a phishing email.
And then they could "take over someone's online life", stealing
passwords for banking and other websites, Pen Test Partner's Ken Munro
told BBC News.
There was no evidence the flaw had been exploited but the delay fixing
it was baffling, he said.
"While the coronavirus pandemic put many internet service providers
under pressure, as people moved to working from home, taking well over a
year to fix an easily exploited security flaw simply isn't acceptable,"
he said."
--
Fake news kills!
I may be contacted via the contact address given on my website:
www.macfh.co.uk
https://www.bbc.co.uk/news/technology-59332840
"About six million Sky routers had a significant software bug that could
have allowed hackers to take over home networks, a security company has
revealed.
The problem has been fixed - but researchers say it took Sky 18 months
to address.
[...]
Affected models were:
Sky Hub 3 (ER110)
Sky Hub 3.5 (ER115)
Booster 3 (EE120)
Sky Hub (SR101)
Sky Hub 4 (SR203)
Booster 4 (SE210)
Although, these last two devices came with a randomly generated admin
password, which would have made it harder for a hacker to exploit.
[...]
Stealing passwords
The flaw in software code, found by researcher Raf Fini, from Pen Test
Partners, would have allowed a hacker to reconfigure a home router
simply by directing the user to a malicious website via a phishing email.
And then they could "take over someone's online life", stealing
passwords for banking and other websites, Pen Test Partner's Ken Munro
told BBC News.
There was no evidence the flaw had been exploited but the delay fixing
it was baffling, he said.
"While the coronavirus pandemic put many internet service providers
under pressure, as people moved to working from home, taking well over a
year to fix an easily exploited security flaw simply isn't acceptable,"
he said."
--
Fake news kills!
I may be contacted via the contact address given on my website:
www.macfh.co.uk
Woody
Nov 19, 2021, 10:26:40 AM11/19/21
to
Graham J
Nov 19, 2021, 10:34:57 AM11/19/21
to
Woody wrote:
[snip]
>>
>> "While the coronavirus pandemic put many internet service providers
>> under pressure, as people moved to working from home, taking well over
>> a year to fix an easily exploited security flaw simply isn't
>> acceptable," he said."
>>
>
> BUT only affected those who had not changed the default admin password.
Which is virtually everybody who doesn't read this newsgroup!
--
Graham J
[snip]
>>
>> "While the coronavirus pandemic put many internet service providers
>> under pressure, as people moved to working from home, taking well over
>> a year to fix an easily exploited security flaw simply isn't
>> acceptable," he said."
>>
>
> BUT only affected those who had not changed the default admin password.
--
Graham J
Mark Carver
Nov 20, 2021, 12:19:25 PM11/20/21
to
inclination to log in to the router and customise etc. Certainly well
over 5 million I suspect.
0 new messages