Industrial Routers Exposed: Unsecured Devices Used to Blast Phishing SMS Attacks

Unsecured Cellular Routers Used to Blast Phishing Messages A recent investigation by security company Sekoia has uncovered a sophisticated phishing campaign that leverages unsecured cellular routers in industrial settings to send SMS-based phishing messages. The discovery, which dates back to 2023, highlights the vulnerability of IoT devices and their potential use as a malicious delivery vector. According to Sekoia's research, over 18,000 Milesight IoT Co., Ltd.'s cellular routers were found to be accessible on the internet, with at least 572 allowing free access to programming interfaces. These routers, designed for industrial use, come equipped with SIM cards that work with 3G, 4G, and 5G cellular networks, making them susceptible to exploitation. "The unsophisticated nature of this delivery vector is what makes it so effective," said Sébastien Sauvage, CTO at Sekoia. "These routers are often overlooked in security assessments, but they can be used as a conduit for malicious activity." Sekoia's investigation revealed that the cellular routers were being abused to send SMS messages with phishing URLs, potentially compromising sensitive information and putting individuals and organizations at risk. The use of unsecured IoT devices in industrial settings raises concerns about the potential for widespread exploitation. "As we increasingly rely on connected devices, it's essential to prioritize their security," said Dr. Rachel Kim, a cybersecurity expert at the University of California, Berkeley. "This incident serves as a reminder that even seemingly innocuous devices can be used for malicious purposes." The discovery also highlights the need for improved IoT device security and better network management practices. "We urge organizations to review their IoT device configurations and ensure they are properly secured," said Sauvage. As the investigation continues, Sekoia is working with Milesight IoT Co., Ltd. to address the issue and implement necessary security measures. The company has also released a list of affected routers and provided guidance on how to secure them. The incident serves as a wake-up call for industries that rely heavily on connected devices. As we move forward, it's essential to prioritize IoT device security and adopt best practices to prevent similar incidents in the future. Background: Milesight IoT Co., Ltd.'s cellular routers are designed for industrial use, connecting traffic lights, electric power meters, and other remote devices to central hubs via cellular networks. The devices come equipped with SIM cards that work with 3G, 4G, and 5G cellular networks. Additional Perspectives: Experts warn that the use of unsecured IoT devices in industrial settings can have far-reaching consequences. "This incident highlights the need for a more comprehensive approach to IoT security," said Dr. Kim. "We must prioritize device security, network management, and user education to prevent similar incidents." As the investigation continues, Sekoia will provide updates on its findings and recommendations for affected organizations. Current Status: Sekoia is working with Milesight IoT Co., Ltd. to address the issue and implement necessary security measures. The company has also released a list of affected routers and provided guidance on how to secure them. Next Developments: The investigation will continue to shed light on the scope and severity of the phishing campaign. Sekoia will provide updates on its findings and recommendations for affected organizations, highlighting the importance of prioritizing IoT device security and adopting best practices to prevent similar incidents in the future. *Reporting by Arstechnica.*