AT&T Networking Devices’ old flaw is now exploited by new malware to conduct DoS attacks! Thousands of U.S. customers affected

AT&T’s network devices are currently being targeted by new malware called EwDoor. This malicious tool has been confirmed to exploit an old flaw in the device model, discovered in 2017.


The specific vulnerability exploited by the new malware is CVE-2017-6079. This flaw, a command injection vulnerability, was first discovered by Spencer Davis, a penetration tester.

He used this flaw to successfully hack a customer’s network in 2017. Now, the new EwDoor malware takes advantage of this old security issue so that the hackers behind it can easily carry out DoS (denial of service) attacks.

“So far, the EwDoor, in our opinion, has undergone 3 versions of updates, and its main functions can be summarized in 2 main categories of DDoS and Backdoor attacks,” said the security experts involved via the official website of Qihoo 360.

AT&T suffers from new EwDoor malware

According to the latest report from ArsTechnica, approximately 5,700 AT&T customers in the United States have fallen victim to the new EwDoor malware.


For the telecom giant’s customers, the device model currently under attack is the EdgeMarc Enterprise Session Border Controller.

This network device helps secure and manage phone calls. SMEs currently rely on it to contact their customers and clients.

It can also secure real-time communications, such as video conferencing.

How serious is EwDoor?

Qihoo 360 experts explained that the new EwDoor malware specifically attacks Edgewater devices. This means that the hackers behind it could also use the malware to exploit other old vulnerabilities.

For now, security researchers have said that EwDoor may be carrying out the following hacking activities:

  • File management
  • DDoS attack
  • Automatic update
  • Port scanning
  • Reverse shell
  • Execution of arbitrary commands

In other news, TechTimes reported that Android users in Finland are also being targeted by another malware called Flubot. On the other hand, American companies are under attack by a new family of ransomware.


This article is owned by TechTimes

Written by: Griffin Davis

2021 TECHTIMES.com All rights reserved. Do not reproduce without permission.
