Singaporean ISP Popped Router Ports, Saving Customers The Trouble Of Making Themselves Hackable

posted by mrpg on Wednesday May 30, @09:59AM   Printer-friendly
from the thank-you-in-Malay-sounds-like-hack-me dept.
Singaporean broadband users were left vulnerable to attackers after their ISP opened remote access ports on their modems and forgot to close them.

The discovery was made by NewSky Security researcher Ankit Anubhav, who used Shodan to scan for SingTel routers open on port 10,000 – the default Network Data Management Protocol TCP/UDP port.

Anubhav said the scan yielded 975 devices that had port 10,000 open with no protection, as a result of a fault-finding exercise gone wrong (that number is only those found on the scan).

When NewSky alerted Singapore's CERT, and that body took the issue to SingTel, Anubhav said the root cause was that SingTel enabled port 10,000 to troubleshoot a problem with the SingTel-branded routers (the “Wi-Fi Gigabit Router” is supplied by Arcadyan).

  • (Score: 0) by Anonymous Coward on Wednesday May 30, @10:20AM

    by Anonymous Coward on Wednesday May 30, @10:20AM (#686201)

    the ISP had since closed the ports.

    and the person responsible for the oversight is now serving 227 consecutive life sentences in a maximum security prison.

