Security warning for all FRITZ!Box users registered with the MyFRITZ! service


AVM, the producer of the well-known home router FRITZ!Box, has issued a security advisory and contacted all users of the cloud service MyFRITZ! to warn them about potential fraudulent use of telephone services connecting through FRITZ!Box routers.


According to AVM, attackers appear to be connecting to the router on the external interface and somehow gaining administrative access. Such an attack is only possible if the attacker knows the precise combination of e-mail address or FRITZ!Box username, FRITZ!Box IP address, and the passwords for remote access and the FRITZ!Box interface. All of these are available in the MyFRITZ! cloud service. With this information, the attackers are able to add an expensive VoIP provider and set it as the default service for telephony. Any phone call made through the AVM router would then be made through the expensive VoIP provider.

AVM says that it is possible that these attacks are linked to the theft of 16 million digital identities that was recently announced by the German Federal Office for Information Security (BSI).

AVM also advises users to change the password of the email address registered in the Push service.

Seeing this advice, I can’t stop thinking that it might be possible that the MyFRITZ! cloud service was hacked and the user data compromised. I guess we will know this after AVM finishes their investigations.

 

Here is how to make sure that you are not a victim and how to avoid becoming one:

Checking telephony devices and deleting unknown IP telephones

Delete any unknown IP telephones to make sure that they cannot be used to make fraudulent calls:

  1. Click “Telephony” in the FRITZ!Box user interface.
  2. Click “Telephony Devices” in the “Telephony” menu.
  3. You can recognize IP telephones because “LAN/WLAN” will be displayed in the “Connection” or “Port” column for that telephone. Click the corresponding “Delete” button to delete any IP telephones you are not familiar with.


Deleting call diversions to unknown telephone numbers and disabling call through

  1. Click “Telephony” in the FRITZ!Box user interface.
  2. Click “Call Handling” in the “Telephony” menu.
  3. Switch to the “Call Diversion” tab and delete all entries that divert calls to international numbers you are not familiar with.
  4. Switch to the “Call Through” tab and disable the option “Enable call through”.
  5. Click “Apply” to save your settings.

More details are available on the AVM website.

Sorin Mustaca

IT Security Expert
