Scammers have been taking advantage of easily accessible cellular routers to send out massive text message-based phishing attacks, or “smishing” campaigns. The routers, manufactured by Milesight IoT, are rugged devices used in industrial settings to connect things like power meters and traffic lights to central systems.
These devices have been found with their programming interfaces left open to the public, allowing anyone to access and exploit them. The majority of these unsecured routers were running outdated firmware with known vulnerabilities, making them prime targets. Researchers uncovered more than 18,000 such devices online, with at least 572 of them completely exposed.
The researchers discovered that these unsecured routers have been used to send fraudulent text messages since at least October 2023. These messages, which have targeted people in countries like Sweden, Belgium, and Italy, often tell recipients to log in to government services to verify their identity. The links in the texts lead to fake websites designed to steal people’s login information.
Experts believe that this method is so appealing to scammers because it’s simple yet effective. The ability to use decentralized devices across multiple countries makes it difficult for security experts to detect and shut down these operations. While the exact method of compromise is unclear, it’s possible a vulnerability fixed in 2023, which allowed attackers to obtain administrative passwords, is a key factor. However, other evidence suggests additional attack methods may also be at play.
The prevalence of these smishing attacks often leads people to wonder how scammers manage to send so many messages without being stopped. This investigation suggests the answer lies in small, overlooked devices often located in out-of-the-way places. By exploiting these devices, attackers gain access to an easily accessible and highly effective delivery system for their fraudulent messages.
Reference:
