FRITZ! news - Security advisory: suspected telephone misuse
Security advisory: suspected telephone misuse
AVM has received information that suggests potential telephone misuse via the FRITZ!Box. Our investigations are ongoing and there are currently several dozen known cases.
The routers seem to have been accessed from an external source and a premium-rate telephone service set up. Such an attack is only possible if the attacker knows the precise combination of e-mail address or FRITZ!Box username, FRITZ!Box IP address, and the passwords for remote access and the FRITZ!Box interface. It is possible that these attacks are linked to the theft of 16 million digital identities that was recently announced by the German Federal Office for Information Security.
In general, external access is only possible if HTTPS remote access (port 443) or the MyFRITZ! service has been enabled, and the attacker would need to know the e-mail address and password. If these are not known or if external access has not been activated, then the FRITZ!Box has not been accessed from an external source.
If HTTPS remote access (port 443) or the MyFRITZ! service are enabled, we recommend changing the passwords to be on the safe side. Furthermore, all computers currently in use should be scanned for malware, such as Trojans. If unusual call diversions appear in the telephone configurations, these should be immediately erased. As a further security precaution, you may wish to block international calls.
AVM will shortly be publishing detailed guidance at en.avm.de/guide/security and will release any new information as soon as it is available.
Feb 03, 2014