A popular make of industrial cellular routers with nearly 10,000 devices connected to the Internet in Australia alone is being abused by attackers for short messaging service (SMS) text spam, or smishing.

French security vendor Sekoia discovered earlier this year that the application programming interface (API) of hundreds of Milesight cellular routers was being used to deliver phishing messages through texts.

The targets for the campaign were Belgian government service portals, and it turns out that Australian cellular routers were attacked as well, Sekoia cyber threat intelligence analyst Jérémy Scion told iTNews.

Sekoia used the Shodan scan engine and discovered over 18,000 Milesight routers that were accessible via the Internet.

The security vendor's threat detection team teste

See Full Page