UPDATED: (See below) AT&T U-verse users and customers of other Internet service providers may be in danger of hacking due to vulnerabilities in routers made by Arris
According to a blog post from cybersecurity firm Nomotion Software, which has offices in San Antonio and Austin, at least five vulnerabilities exist in software added on after the devices, which work as Internet modems and routers, were manufactured. The vulnerabilities in Arris models NVG589 and NVG599 are being dubbed, in tongue-tripping fashion, as “SharknAT&To” by Nomotion. They could allow hackers to log into an Internet user’s home network.
While the story has been picked up and apparently confirmed by tech and hacker blogs, it does not appear that AT&T has weighed in on the matter. Arris, the company that makes the devices, told the site Threatpost, that it is conducting a full investigation, but it’s unclear if there’s been any progress since that statement was made on Aug. 31.
Update, 3 p.m. Sept. 14: AT&T said it is aware of this issue and gave 512tech this statement: “We have addressed the findings from this report at the network level, and our vendor is in the process of rolling out software updates to the affected equipment.”
Every week, we’ll define a tech term, offer a timely tip or answer questions about technology from readers. Email firstname.lastname@example.org with questions or topic suggestions.
News on Open Source is free and unlimited. Access to the rest of 512tech.com comes with an American-Statesman digital subscription, which also includes myStatesman.com and the ePaper edition. Subscribe at statesman.com/subscribe.