USB Modem Vulnerability

Like routers, most USB modems also vulnerable to drive-by hacking by Lucian Constantin.

From the post:

The majority of 3G and 4G USB modems offered by mobile operators to their customers have vulnerabilities in their Web-based management interfaces that could be exploited remotely when users visit compromised websites.

The flaws could allow attackers to steal or manipulate text messages, contacts, Wi-Fi settings or the DNS (Domain Name System) configuration of affected modems, but also to execute arbitrary commands on their underlying operating systems. In some cases, the devices can be turned into malware delivery platforms, infecting any computers they’re plugged into.

Russian security researchers Timur Yunusov and Kirill Nesterov presented some of the flaws and attacks that can be used against USB modems Thursday at the Hack in the Box security conference in Amsterdam.

USB modems are actually small computers, typically running Linux or Android-based operating systems, with their own storage and Wi-Fi capability. They also have a baseband radio processor that’s used to access the mobile network using a SIM card.

Many modems have an embedded Web server that powers a Web-based dashboard where users can change settings, see the modem’s status, send text messages and see the messages they receive. These dashboards are often customized or completely developed by the mobile operators themselves and are typically full of security holes, Yunusov and Nesterov said.

The researchers claim to have found remote code execution vulnerabilities in the Web-based management interfaces of more than 90 percent of the modems they tested. These flaws could allow attackers to execute commands on the underlying operating systems.

Unlike CNN, the authors report real security issues with USB modems. (It’s entirely possible some CNN stories are accurate, useful, but I don’t know the odds.)

I particularly liked the lines on slide 56:

Please don’t plug computers into your USB

Is it safe to plug USB devices on 220v wall sockets?

(I assume “on” = “into.” 😉 )

I don’t know if there will be a video but you can obtain the presentation materials.

I didn’t see any videos from prior events but there are presentation materials and white papers at: Hack In The Box Security Conference.

Comments are closed.