Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Smishing targets routers in Belgium 2025

October 2, 2025
Reading Time: 2 mins read
in Alerts
Smishing targets routers in Belgium 2025

A newly identified series of smishing attacks has been linked to compromised Milesight Industrial Cellular Routers. Researchers at Sekoia.io’s Threat Detection & Research team discovered that threat actors were exploiting the routers’ APIs to send fraudulent text messages. This tactic has repeatedly targeted Belgian users, impersonating official government services.

The malicious activity was first detected on July 22, 2025, when honeypots recorded suspicious requests. Investigators found that the manipulated routers were sending SMS messages that contained phishing links. These messages were often disguised as communications from CSAM and eBox, two widely used Belgian government platforms. The texts were written in Dutch and French and consistently used Belgium’s +32 country code.

Sekoia.io noted that more than 19,000 of these routers are accessible on the public internet, and at least 572 of them are exposed to unauthenticated access. This vulnerability allows attackers to send or retrieve SMS messages without needing to log in. Logs suggest that this technique has been in use since at least February 2022.

Although these campaigns have also reached France, Italy, Sweden, and other countries, Belgium remains the most frequent target. Between November 2022 and July 2025, multiple distinct operations impersonated federal authentication and digital mailbox services. In June and July 2025 alone, several new phishing domains mimicking these services were registered. The smishing campaigns often follow a validation phase: attackers test whether a compromised router can send SMS messages by directing initial texts to numbers they control. Once confirmed, the devices are then used to launch mass phishing waves.

The infrastructure supporting these campaigns appears to be tied to Lithuanian hosting provider Podaon, with phishing domains frequently registered through NameSilo. Some of the fraudulent websites even used scripts to restrict access from non-mobile devices, a tactic that limits detection by security analysts. Sekoia.io’s findings highlight how vulnerable equipment is being leveraged to conduct wide-reaching fraud.

Reference:

  • Smishing campaigns exploit cellular routers to intercept and target Belgium user
Tags: Cyber AlertsCyber Alerts 2025CyberattackCybersecurityOctober 2025
ADVERTISEMENT

Related Posts

Smishing targets routers in Belgium 2025

Outlook Bug Causes Repeated Crashes

October 2, 2025
Smishing targets routers in Belgium 2025

MatrixPDF Toolkit Turns PDFs Into Lures

October 2, 2025
Microsoft Sentinel Unveils AI SIEM

Apple Pushes iPhone and Mac Updates

October 1, 2025
Microsoft Sentinel Unveils AI SIEM

Tesla Fixes TCU Bug With USB Risk

October 1, 2025
Microsoft Sentinel Unveils AI SIEM

EvilAI Malware Posing As AI Tools

October 1, 2025
Hackers Target Libraesva Email Flaw

Hackers Target Libraesva Email Flaw

September 30, 2025

Latest Alerts

Outlook Bug Causes Repeated Crashes

Smishing targets routers in Belgium 2025

MatrixPDF Toolkit Turns PDFs Into Lures

Tesla Fixes TCU Bug With USB Risk

Apple Pushes iPhone and Mac Updates

EvilAI Malware Posing As AI Tools

Subscribe to our newsletter

    Latest Incidents

    Allianz Life July Breach Hits 1.5M

    Dealership Software Breach Hits 766k

    Suffolk Website Down After Cyber-Attack

    WestJet Confirms Data Breach

    Ransomware Gang Recruits Reporter

    US Surveillance Hack Exposes Data

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial