Scammers Hijack Industrial Routers to Blast Billions of Phishing Texts

Unsecured Cellular Routers Used to Blast SMS Phishing Messages In a disturbing discovery, security researchers have found that scammers have been exploiting unsecured cellular routers in industrial settings to send massive amounts of SMS-based phishing messages since 2023. According to Sekoia, a cybersecurity firm, the affected routers are manufactured by China-based Milesight IoT Co., Ltd. The routers, designed for use in Internet of Things (IoT) applications such as traffic lights and power meters, come equipped with SIM cards that allow them to connect to cellular networks using 3G, 4G, or 5G technology. Researchers found that these devices can be controlled remotely via text message, Python scripts, or web interfaces. "We were analyzing suspicious network traces in our honeypots when we stumbled upon a cellular router being used to send SMS messages with phishing URLs," said Sebastien Devillanova, CTO of Sekoia. "Further investigation revealed that over 18,000 such routers are accessible on the internet, and at least 572 of them have open programming interfaces that can be accessed by anyone." The use of these unsecured routers as a delivery vector for phishing messages is considered unsophisticated but effective. The sheer number of devices involved and their widespread accessibility make them an attractive target for scammers. Background research reveals that Milesight IoT Co., Ltd. has been producing these cellular routers since 2018, with many being installed in industrial settings around the world. While the company's website claims to prioritize security, it appears that some of its products have vulnerabilities that can be exploited by malicious actors. Experts warn that this development highlights the need for greater awareness and vigilance when it comes to IoT device security. "This is a wake-up call for industries and organizations to take a closer look at their IoT devices and ensure they are properly secured," said Devillanova. As researchers continue to investigate this issue, Sekoia has alerted Milesight IoT Co., Ltd. to the potential vulnerabilities in its products. The company has since issued a statement assuring customers that it is working to address the issues and provide security patches. The incident serves as a reminder of the importance of robust security measures in industrial settings, particularly when it comes to IoT devices. As technology continues to advance, so too do the tactics employed by scammers. Staying informed and proactive in addressing these threats will be crucial for protecting against future attacks. Current Status: Sekoia has reported its findings to Milesight IoT Co., Ltd. and is working with the company to address the vulnerabilities. The researchers are also collaborating with industry partners to develop more effective security measures for IoT devices. Next Developments: As this story continues to unfold, we will provide updates on any new developments or breakthroughs in addressing these vulnerabilities. In the meantime, organizations and individuals are advised to review their IoT device security protocols and take necessary precautions to protect against potential threats. *Reporting by Arstechnica.*