Short Notes - Telephone scammers deliberately searching for routers with remote access enabled that missed the security update

Short Notes

Telephone scammers deliberately searching for routers with remote access enabled that missed the security update

AVM has received evidence that hackers are again attempting to take advantage of the security gap discovered in February 2014, which has long since been closed. These attacks can affect only users who have not installed the security update from February 2014, and who have enabled remote access (via port 443) on boxes equipped with telephony functions (VoIP, landline). Currently the scammers are searching specifically for devices on which no update was performed and no passwords have been changed. This only applies to an extremely low number of all installed devices, but in exceptional cases the devices in question can be misused for telephone fraud over long periods of time. Such fraud can result in high telephone costs, for instance through faked telephone connections to Cuba, Sierra Leone or Afghanistan.

AVM thus urgently recommends that all users who have not yet performed an update do so immediately in order to protect their routers with the latest, secure version of our software.

For detailed information on the security update from February 2014, go to Important security update for all FRITZ!Box users.