TalkTalk Wi-Fi passwords stolen in malware attack

Tuesday 6 December 2016 | 08:47 CET | News

Ken Munro, a security researcher at Pen Test Partners, said customers of TalkTalk had their Wi-Fi passwords stolen after the malware attack on their routers a week ago, and called on the ISP to replace their routers. The researcher said other details had also been taken that would let attackers pinpoint where the equipment was being used, making more targeted hacks possible, the BBC reports.

A TalkTalk spokeswoman said the company did not see evidence to confirm the thefts. TalkTalk said only a small number of its customers had been affected by the attack and it was updating its equipment to close the vulnerabilities. 

Munro obtained one of the affected routers to study the attack. He said his "honeypot" router was hit by the variant of Mirai, which is now being referred to as TR-06FAIL. 

In addition to disrupting connectivity, Munro found that a follow-up attack involving the same malware caused the device to disclose its Wi-Fi password and SSID code. This means customers using the same password are still at risk, even if they updated their router. 

Another security researcher, Steven Murdoch from University College London, checked the findings and said Munro had reason to be concerned, but added it was not clear who had taken the passwords. If it was criminals, they would need to visit the home in order to connect to the Wi-Fi network and take information from the network or infect it again. He recommended users change their password for better protection.
