1,000 Routers in Singapore exposed to potential attacks
Internet of Things Internet security company NewSky Security company disclosed on May 28th that Singapore’s largest telecommunications operator Singtel has exposed about 1000 customer routers exposed to potential attacks due to unprotected port 10000.
Singtel has 400 million subscribers in 25 countries and is among the top 30 mobile phone service providers in the world. It is now focusing on providing Internet access, IPTV (Singtel TV), mobile phones (Singapore Mobile) and Internet telephony service is also a founding member of Bridge Alliance, an international organization.
Ankit Anubhav, a security researcher at NewSky Security discovered that the affected device is WiFi Gigabit Routers. Researcher said that the open port 10000 exposes the router to a large number of different types of attacks. The hacked router may allow the attacker to reconfigure the router to reroute traffic, monitor packets, and even implant malicious software. The researchers found that once the connection is made through this port, they can fully access these devices without authentication protection, and these devices do not enable the login function.
In this way, researchers can use Shodan to scan the 10000 port on the Singtel router and log in as the administrator of the device. Once in the device, an attacker not only can manipulate or snoop network traffic but also can easily access devices on the attack network.
Routers are attractive targets for hackers and cybercriminals, where attackers can implant malicious software or perform DNS hijacking of insecure WiFi routers.
Anubhav wrote “On connecting through this port, we observed that one can get complete access to these devices as there was no authentication set on these devices. The login feature of these devices was set to be disabled.”
After discovering the problem, NewSky Security notified the Singapore Computer Emergency Response Team (SingCERT) under the Cybersecurity Agency of Singapore. SingCERT subsequently worked with SingTel to resolve the issue. Singtel currently disables port forwarding on the affected routers.
“The ISP SingTel has disabled port forwarding to port 10000 for the affected routers. Root cause: Port forwarding was enabled by their customer service staff to troubleshoot Wi-Fi issues for their customers and was not disabled when the issues were resolved. ISP SingTel will be taking measures to ensure that port forwarding is disabled after troubleshooting has completed.”