acm-header
Sign In

Communications of the ACM

ACM TechNews

Thousands of AT&T Customers in the U.S. Infected by Data-Stealing Malware


An AT&T spokesman said, We previously identified this issue, have taken steps to mitigate it and continue to investigate. We have no evidence that customer data was accessed. He didnt elaborate on when AT&T identified the threats, what the mitigation s

Credit: AT&T

Researchers at Chinese Internet security company Qihoo 360 reported that the EWDoor malware has infected the networking devices of thousands of AT&T Internet customers in the U.S.

The EdgeMarc Enterprise Session Border Controller has been targeted by the malware, allowing the devices to be used in denial-of-service attacks and internal network attacks.

The exploited vulnerability is a command-injection flaw reported in 2017 and fixed in December 2018. It remains uncertain whether the vulnerability had been disclosed to users.

An AT&T spokesman said, "We previously identified this issue, have taken steps to mitigate it, and continue to investigate. We have no evidence that customer data was accessed."

From Ars Technica
View Full Article

 

Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account