Unifi ‘backdoor’ allows hacking, spying

By Lee Wei Lian | The Malaysian Insider
June 02, 2010

KUALA LUMPUR, June 2 — Over 1,000 UniFi customers are exposed to a potential security risk of attacks from hackers and spying when using the high speed broadband service from Telekom Malaysia.

The security risk comes from a second administration account on routers that UniFi customers have to use.

The routers have the option for remote management enabled and customers were not informed and therefore unable to reset the password.

Security consultant Dinesh Nair, who has seen the second administration account, said that it appeared to be for maintenance purposes and allows Telekom Malaysia to troubleshoot UniFi problems remotely.

But he added that the password was “guessable” and with the remote management option turned on, it left the router vulnerable to unauthorised access and abuse such as forcing dropped connections and listening to the setting up of email passwords.

“It’s a security risk,” said Dinesh

“Telekom Malaysia should have been open about it from day one. The potential for damage is there.”

He said that the remote management option should have been turned off by default and turned on only when Telekom Malaysia needed remote access.

He added that it was particularly critical for business Unifi customers as competitors could try and gain unauthorised access to company IT systems via the remote management option.

“It’s a foot in the door,” he said.

When contacted, Telekom Malaysia said that they will discuss the issue with their technical team and issue a response.

One broadband industry executive said that the severity of the risk depended on the permissions that were granted to the remote access user.

“Can they reset the box? Or is it just to monitor usage?” said the executive.

“But the risk is greater for business users than home users as it could pose a security breach.”

UniFi user KC Lau said he was upset after reading about the issue on a techie forum (http://forum.lowyat.net/topic/1439287 ) and recalled how his technician told him not to change the passwords on even his WiFi router so that Telekom Malaysia technicians could have remote access.

“Why can’t we change the password on our own WiFi router?” he said.

As of May 7, there were about 1,700 UniFi customers.

Telekom’s UniFi service is part of its High Speed Broadband (HSBB) project was initiated in 2008 and is initially be available in fourareas around the Klang Valley: Shah Alam, Subang Jaya, Taman Tun Dr Ismail and Bangsar. It will be expanded to another 22 areas by June and a further 22 by December.

By 2012, TM expects to hit 1.2 million premises passed.

CategoriesIT

10 Replies to “Unifi ‘backdoor’ allows hacking, spying”

  1. I wonder current UniFi customers can initiate class action suite against TM.

    On a related note, Streamyx customers have been screaming their heads off because of ultra bad and slow connection.

    TM claims that it is due to damage to international under sea fibre damage.

    However at the same time, Unifi customers are raving about the speed they are getting.

    TM have undoubtedly allocated unfair share of international bandwidth to Unifi customers at the expense of Streamyx customers.

  2. Bunch of suckers like Changehole always have excuses for their incompetencies. They have bunch of excuses offering to customers! Why, what & where have the problems of optical cables under the seas on the sea beds! South-East Asia nations, except Bodohland experiences the problems. That is whole bunch of bullsh*ts and craps from incompetent IT professionals! LOL

    No wonder people is chatting about bankruptcy before 2019….

  3. ///But he added that the password was “guessable”…..///

    Why guess password with the human brain? There are already software in the market which can accurately “guess” the user password.

  4. There are some nice hackers out there; according to one of the nice hackers in France who got arrested too. Their service is needed to hack into the account of those who phone anyone in the public telephone directory for their own mad fun. There is nothing secret. These days when news are so competitive. They who get the news announced first get top ratings.

  5. General election 13 is not too far away i presume. So heck. Lets politicise the matter. And since the msm is completely devoid of facts and truths let us make guesses on this one. I say it is jib’s plan to leave the security door ajar. So that he and gang could via that door enter and snoop around other people’s sites and computers. Those who have the unifi account, be careful. Uncle jib is watching! For the rest, well just boycott that unifi service. Dont subscribe! And thank you dinesh for coming into the open with some hard facts.

  6. hi Chengho….faark Najib and tell him that…..and not tell us what we already know.
    Are you in the mood to teach us something?
    Better keep insulting…..to carry Najib’s balls.
    It’s your famous trademark….don’t change..UNLESS Allah have decided to cure and forgive you..which I doubt.
    You vote for change of government…sure forgiven…because you finally care for Malaysians…not one race.
    How is your storm reading technique?

Leave a Reply