Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Sky Routers. Show all posts

Sky: Major Security Flaw on 6M Routers Left Customers Vulnerable to Hackers

 

A "serious" security vulnerability impacting over six million Sky routers exposed customers to hackers for more than 17 months, as per the analysts. 

According to internet security firm Pen Test Partners, users of Sky routers were vulnerable to hacks and online attacks for well over a year as a result of the security vulnerability. If they hadn't updated the router's default admin password, hackers could have accessed Sky router customers' passwords and personal information. The following Sky devices were impacted: 
  • Sky Hub 3 (ER110) 
  • Sky Hub 3.5 (ER115) 
  • Booster 3 (EE120) 
  • Sky Hub (SR101) 
  • Sky Hub 4 (SR203) 
  • Booster 4 (SE210) 
However, these last two devices came with a randomly generated admin password, making it more complex for a hacker to attack. Furthermore, around 1% of Sky's routers are not manufactured by the firm. Customers who have one of these can now request a replacement at no cost. 

The software flaw discovered by Pen Test Partners researcher Raf Fini stated that flaw would have allowed a hacker to modify a home router merely by directing the user to a malicious website through a phishing email. 

Pen Test Partner's Ken Munro told BBC News that they could then "take over someone's online life," obtaining passwords for banking and other services. Although there was no proof that the vulnerability had been exploited, he added that the time it took to patch it was perplexing. 

"While the coronavirus pandemic put many internet service providers under pressure, as people moved to working from home, taking well over a year to fix an easily exploited security flaw simply isn't acceptable," he said. 

The Sky was warned about the problem in May 2020, according to Pen Test Partners. Sky acknowledged the issue, but it wasn't until October 2021 that Sky announced 99 percent of all impacted routers had been updated. In response to the security issues, Sky informed ITV News that they began working on a solution as soon as they got notified of the situation. 

A Sky spokesperson stated, "We can confirm that a fix has been delivered to all Sky-manufactured products.”