http://www.theregister.co.uk/2014/01/30/3gmodem_security_peril/
By John Leyden
The Register
30th January 2014
Vulnerabilities in a number of 3G and 4G USB modems can be exploited to
steal login credentials -- or rack up victims' mobile bills by sending
text messages to premium-rate numbers -- a security researcher warns.
Andreas Lindh claims that all the devices he has looked at so far are
managed via their built-in web servers and -- you guessed it -- are
vulnerable to cross-site request forgery (CSRF) attacks. This means a
malicious website visited by a victim can quietly and automatically access
the USB modem's control-panel web page and tamper with the device.
Thus, a vulnerable gadget can be tricked into sending SMS messages over
the mobile network to a miscreant-controlled premium-rate number.
Similarly, a malicious web page could masquerade as a legit login page --
such as the account sign-in page for Twitter -- and covertly text the
victim's intercepted username and password to the hacker.
Lindh demonstrated he was able to contain a counterfeit Facebook login
page in a data URI hidden behind a TinyURL link, which could be sent to a
victim by email or a social network: opening the data URI renders the
bogus Facebook page in the browser, and when the user submits his or her
username and password, some cunning JavaScript texts the credentials via
the connected vulnerable USB modem.
[...]
--
Subscribe to InfoSec News
http://www.infosecnews.org/subscribe-to-infosec-news/
