DSL Modem Attack in Brazil Impacts Millions 'Perfect Storm' of Incompetence Tuesday Oct 02 2012 18:11 EDT Ars Technica has an interesting read on a new attack that has been exploiting vulnerabilities in multiple varieties of DSL modems, forcing users in Brazil to visit compromised websites in turn leading to the theft of financial information. Researchers say the attack is a "perfect storm" of incompetence courtesy of Brazilian regulators, ISPs and hardware vendors who failed to properly test and confirm modem security across more than six unnamed varieties of DSL modems. Kaspersky Lab Expert Fabio Assolini put it this way in a blog post: quote:
"This is the description of an attack happening in Brazil since 2011 using 1 firmware vulnerability, 2 malicious scripts and 40 malicious DNS servers, which affected 6 hardware manufacturers, resulting in millions of Brazilian internet users falling victim to a sustained and silent mass attack on DSL modems. This enabled the attack to reach network devices belonging to millions of individual and business users, spreading malware and engineering malicious redirects over the course of several months.""The negligence of the manufacturers, the neglect of the ISPs and ignorance of the official government agencies create a 'perfect storm,' enabling cybercriminals to attack at will."
The attack has infected more than 4.5 million DSL modems, according to Assolini. |
  tshirt
Premium Member
join:2004-07-11
Snohomish, WA
2 edits |
tshirt
Premium Member
2012-Oct-2 6:55 pm
Individual networks owners are..... or should be liable for the misuse of their network and it effect on connected networks ( The Internet, as we know it) whether it's defective hardware or poor management of an open/unprotected WLAN, each user MUST take all reasonable precautions to help protect the rest of the community.
IMHO It would be reasonable for transport providers to begin selective block of traffic from brazil, IF the Brazilian ISP's and Gov't fail to act. | |
|  | kxrm
join:2002-07-18
Fort Worth, TX |
kxrm
Member
2012-Oct-2 7:24 pm
Re: Individual networks owners are...said by tshirt:.. or should be liable for the misuse of their network and it effect on connected networks ( The Internet, as we know it) whether it's defective hardware or poor management of an open/unprotected WLAN, each user MUST take all reasonable precautions to help protect the rest of the community.
IMHO It would be reasonable for transport providers to begin selective block of traffic from brazil, IF the Brazilian ISP's and Gov't fail to act.
I respectfully disagree. | |
| | | tshirt
Premium Member
join:2004-07-11
Snohomish, WA |
tshirt
Premium Member
2012-Oct-2 7:43 pm
Re: Individual networks owners are...said by kxrm: I respectfully disagree.
With what part? We are a community? We share common space? We must take responsibility? That if we make no effort to self police, others may be forced to take action? Yes reaching the point where others MUST step in is undesirable. and yes stepping in, must be done with great care, but bank robbers (electronic or otherwise) have no socially redeeming value. | |
| | | | kxrm
join:2002-07-18
Fort Worth, TX |
kxrm
Member
2012-Oct-3 1:52 am
Re: Individual networks owners are...said by tshirt:said by kxrm: I respectfully disagree.
With what part? We are a community? We share common space? We must take responsibility? That if we make no effort to self police, others may be forced to take action? Yes reaching the point where others MUST step in is undesirable. and yes stepping in, must be done with great care, but bank robbers (electronic or otherwise) have no socially redeeming value. Yes, we must be responsible for what we do with our networks but your scenario plays out that inevitably we can be punished for a mistake in a router configuration. That's crazy. | |
|
| CXM_SplicerLooking at the bigger picture
Premium Member
join:2011-08-11
NYC |
to tshirt
said by tshirt:...or poor management of an open/unprotected WLAN, each user MUST take all reasonable precautions to help protect the rest of the community. Certainly, then, you would agree that the ISP should dispatch techs for free to assist clueless customers in setting up wireless security? After all, there are millions of routers they installed before wireless security was on the minds of all decent and lawful citizens. | |
| | | tshirt
Premium Member
join:2004-07-11
Snohomish, WA |
tshirt
Premium Member
2012-Oct-3 7:38 am
Re: Individual networks owners are... We could always hope, as the ISP level SHOULD be the first line of detection beyond the user.
Unfortunately ISP often choose to ignore the problem rather than tell a paying customer "We're sorry, but we have a problem" and dealing with it as promptly and directly as they should.
Individuals ARE probably interested in fixing it, IF they had notice and careful instruction.
yes there are millions of infected devices now, but if we wait for a 'miracle' or a perfect solution there will be billions tomorrow. | |
| | | | CXM_SplicerLooking at the bigger picture
Premium Member
join:2011-08-11
NYC |
Re: Individual networks owners are...said by tshirt:yes there are millions of infected devices now, but if we wait for a 'miracle' or a perfect solution there will be billions tomorrow.
I would hardly call the responsible ISP or router manufacturer stepping up to correct their mistake a 'miracle'. Imposing liability on the billed customer as a means of fixing the problem is a backwards and ridiculous step. | |
| | | | | tshirt
Premium Member
join:2004-07-11
Snohomish, WA |
tshirt
Premium Member
2012-Oct-3 4:11 pm
Re: Individual networks owners are... Well, I'm trying to find a method that engages all the parties involved, it's less about extracting money and more about incentive to fix the problem, sort of like ComCast notification and then walled garden if you fail to act.
Obviousley the modem/router owner would be responsible for any costs. | |
|
|  Woody79_00I run Linux am I still a PC?
Premium Member
join:2004-07-08
united state |
to tshirt
said by tshirt:.. or should be liable for the misuse of their network and it effect on connected networks ( The Internet, as we know it) whether it's defective hardware or poor management of an open/unprotected WLAN, each user MUST take all reasonable precautions to help protect the rest of the community.
IMHO It would be reasonable for transport providers to begin selective block of traffic from brazil, IF the Brazilian ISP's and Gov't fail to act.
Thats insane...not only is blocking all traffic from Brazil flatout Censorship that most likely violates Americans Constitutional rights, buts its inpractical as well. How are American Businesses that do business with companies in that country supposed to do business when using the internet to communicate with branch offices and partners is pretty much essential today. In your scenario you cost companies millions if not billions and lost jobs. Secondly, its not these users fault there was a firmware flaw in the DSL modems. The manufacturer or the ISP is responsible for updating the firmware on those devices, not the end user. Under your scenario, the honest, law-abiding, everyday citizen would be punished. It doesn't make practical sense to do that, and censorship of any kind...well im not willing to go down that road. "I would rather be exposed to the inconveniences attending too much liberty than to those attending too small a degree of it." - Thomas Jefferson | |
|
 Jim Kirk
Premium Member
join:2005-12-09
49985 |
Jim Kirk
Premium Member
2012-Oct-2 7:32 pm
Really?I stopped reading as soon as I saw "Kaspersky"... | |
| |  vpoko
Premium Member
join:2003-07-03
Boston, MA |
vpoko
Premium Member
2012-Oct-2 10:22 pm
Re: Really?I stopped as soon as I saw "the". Equally dumb on both our parts. | |
| |  cork1958Cork
Premium Member
join:2000-02-26 |
to Jim Kirk
Edited:
Guess if it would've said McAfee or Norton you would've continued reading? | |
| | | Jim Kirk
Premium Member
join:2005-12-09
49985 |
Jim Kirk
Premium Member
2012-Oct-3 11:11 am
Re: Really?nope | |
|
 Thaler
Premium Member
join:2004-02-02
Los Angeles, CA |
Thaler
Premium Member
2012-Oct-2 8:03 pm
BRBRBRBRBRI was wondering why the quality of online PC gamers has been going up as of late. | |
|  David
Premium Member
join:2002-05-30
Granite City, IL |
David
Premium Member
2012-Oct-2 8:40 pm
I wonderI have a few spare ADSL modems and I know there is no updates for them. Wonder if they would work on their system down there? Assuming it is ADSL (and the owner can put the modem in bridge mode) I wouldn't see why it wouldn't work.
Least then I could get rid of a few spare modems I have. I have like 2 2210's, 1 4100, 1 5100b... I had a 2701HG-B 2wire till I gave it to a friend. I have ended up with these either I got for say $10-20 at the time or gave to me for testing a while back. | |
| |  KrKHeavy Artillery For The Little Guy
Premium Member
join:2000-01-17
Tulsa, OK |
KrK
Premium Member
2012-Oct-3 12:42 am
Re: I wonderThey are probably affected. | |
| | David
Premium Member
join:2002-05-30
Granite City, IL |
David
Premium Member
2012-Oct-3 2:59 pm
That part where I would disagree with, If the interface is disabled (hence dumb modem) you would have to hope that there is a machine set to a static IP address and can surf right into the modem.
That would be a tall order for a virus to be able to do that. | |
|
 Endy
Premium Member
join:2003-01-07
Riverside, CA |
Endy
Premium Member
2012-Oct-3 9:34 am
Didn't this happen before?Didn't something similar happen a year or so ago with a trojan called 'Chuck Norris' that would poke at common default router settings and change the DNS servers to re-route through malicious sites? » www.enigmasoftware.com/c ··· -modems/Yeah, that one. | |
|
| |
|
|
