logo
logo

Foul-mouthed worm takes control of wireless ISPs around the globe

avatar
Annie Kelley
May 19, 2016 20:14
img

Rockydallas

ISPs around the world are being attacked by self-replicating malware that can take complete control of widely used wireless networking equipment, according to reports from customers and a security researcher who is following the ongoing campaign.

The vulnerability, which allows attackers to gain access to the devices over HTTP and HTTPS connections without authenticating themselves, was patched last July, but the fix wasn't widely installed.

The flaw resides in the following Ubiquiti products:

airMAX v5.6.2

airMAX AC v7.1.3

TOUGHSwitch v1.3.2

airGateway v1.1.5

In an advisory, Ubiquiti officials said they are aware of two different payloads that exploit the vulnerability.

Although the flaw was fixed last July through a patch released through the company's bug bounty program, officials have issued a new patch that further locks down potentially vulnerable devices.

Users can then restore the device configuration on the reflashed device.

"Exploits are assumed to be underway globally," said Ben West, a networking engineer at WasabiNet, a wireless ISP located in St. Louis.

collect
0
avatar
Annie Kelley
May 19, 2016 20:14
guide
Zupyak is a free content platform for publishing and discovering stories, software and startups.