Tech News
Back to home
Technology

That annoying SMS phish you just got may have come from a box like this

Source

Ars Technica

Published

TL;DR

AI Generated

Scammers have been exploiting unsecured cellular routers made by China-based Milesight IoT Co., Ltd., typically used in industrial settings, to send SMS phishing messages since 2023. These rugged IoT devices connect various remote industrial devices to central hubs using cellular networks and can be controlled via text message, Python scripts, and web interfaces. Security firm Sekoia discovered over 18,000 vulnerable routers accessible on the Internet, with some having outdated firmware and known vulnerabilities, making them easy targets for abuse. The misuse of these routers highlights the importance of securing IoT devices to prevent such phishing campaigns.

Read Full Article

Similar Articles

A wireless device exploit uncovered 11 years ago still hasn't been fixed by some manufacturers — six vendors and 24 devices found harbouring vulnerable firmware across routers, range extenders, and more

A wireless device exploit uncovered 11 years ago still hasn't been fixed by some manufacturers — six vendors and 24 devices found harbouring vulnerable firmware across routers, range extenders, and more

Despite being disclosed in 2014, the Pixie Dust exploit remains unpatched in wireless devices from six vendors, affecting 24 devices like routers and range extenders. This exploit allows attackers to obtain a router's PIN and connect to a network without the password. NetRise found that only four of the 24 vulnerable devices were patched, with fixes arriving an average of 9.6 years after the exploit was made public. The issue highlights systemic problems in firmware supply chains and the need for consistent visibility into firmware to address old vulnerabilities.

Tom's Hardware
Hacker breaks into on-campus smart washing machines — management eventually disables devices, leaving thousands of students with no reliable laundry service

Hacker breaks into on-campus smart washing machines — management eventually disables devices, leaving thousands of students with no reliable laundry service

An unknown hacker breached smart washing machines at an Amsterdam housing complex, disabling payment systems and leaving students without laundry service. The management company disabled the devices to avoid covering unpaid laundry costs, impacting 1,250 residents. Duwo is transitioning back to analog machines, with other buildings also moving away from IoT appliances. The hacker could face prison time if caught, but identifying them may be challenging and costly. Ethical hacker Sijmen Ruwhof suggested that bright students on campus could have been behind the breach, highlighting the allure of hacking such devices.

Tom's Hardware
Amazon says bug caused select Echo Show devices to use tons of data — widgets caching large images caused gigabytes of internet usage

Amazon says bug caused select Echo Show devices to use tons of data — widgets caching large images caused gigabytes of internet usage

A bug in select Amazon Echo Show devices caused excessive data usage due to widgets caching large images, but Amazon has fixed the issue. Former Microsoft engineer Dave W. Plummer reported his Echo Show used over 4 GB of data in a day, sparking concerns of spying, which Amazon denied. The bug was traced to an app downloading unnecessarily large photos, impacting data usage. Smart devices like Echo Show are designed to download images for screensavers or backgrounds, but they don't require high-resolution photos. Users can ensure privacy by using the physical mute switch on these devices.

Tom's Hardware
Integrating Digital Twins on Automotive Standardized Architectures (McMaster University)

Integrating Digital Twins on Automotive Standardized Architectures (McMaster University)

Researchers at McMaster University have published a technical paper on integrating digital twins (DT) in automotive standardized architectures. The paper explores the use of DT technology in the automotive industry, focusing on services like computer-aided remote control and cloud-based fleet coordination. It highlights the challenges in developing automotive DTs due to the lack of architectural guidelines, with ISO 23247 being one of the few standards available. The study assesses the suitability of ISO 23247 for automotive DT development through a case study on Adaptive Cruise Control for autonomous vehicles, identifying strengths and limitations of the reference architecture. This work aims to guide future research, practice, and standard development in the field.

SemiEngineering

We use cookies

We use cookies to ensure you get the best experience on our website. For more information on how we use cookies, please see our cookie policy.