
Code Used in Zero Day Huawei Router Attack Made Public

  • December 28, 2017
  • 9 replies
  • 1141 views

Jasper_The_Rasper
Moderator


 
December 28th, 2017  By Tom Spring
 
Exploit code used in the Mirai malware variant called Satori, which was used to attack hundreds of thousands of Huawei routers over the past several weeks, is now public. Researchers warn the code will quickly become a commodity and be leveraged in DDoS attacks via botnets such as Reaper or IOTrooper.
 
Ankit Anubhav, researcher at NewSky Security, first identified the code on Monday that was posted publicly on Pastebin.com. The code is the zero-day vulnerability CVE-2017-17215 used by a hacker identified as “Nexus Zeta” to spread a variant of the Mirai malware called Satori, also known as Okiku.
 
Full Article.

9 replies

  • Community Guide
  • 5988 replies
  • December 29, 2017
Another bad boy we will have to deal with, never ending battle.

  • Popular Voice
  • 60 replies
  • December 29, 2017
Very useful & concerning article. I have had a lengthy dialogue with a TalkTalk 'techie' this afternoon & worryingly that indicated that TalkTalk is not aware of these revelations. However TalkTalk now is & hopefully between TT & Huawei they will work out a patch before major damage occurs. Fortunately my Huawei Router is not one listed as vulnerable, but I do not want to wait & do nothing until it becomes so. So thanks for the 'heads up' on this. Let's hope action is taken as a matter of urgency.

  • Popular Voice
  • 60 replies
  • December 30, 2017
I wonder if our reliable old friend Webroot can protect us from this potential attack, which reads to a non IT savvy user as the Router being used as a back door into our systems.
 
Certainly TalkTalk can't afford another major incident & one would think that, given Huawei's more recent aggressive move into the retail market, it would not want the sort of adverse media comment that such a successful attack would produce.
 
TalkTalk's standard advice on its web pages is, change your password, yet many top flight people in the IT world say changing a password is a waste of time, which may well be right given as in this case the issue is the threat of an attack on a system, not a hack of an individual account.

Baldrick
  • Gold VIP
  • 16060 replies
  • December 30, 2017
Hi Arjabhai
 
No it does not specifically. WRSA caters for (very well, I might add) the system you are running, be it Windows or Mac...and whilst it does not extend its cover to the physical router, it does protect your network. So whilst such an attack might get through the router having WRSA running, on your client, should catch the payload/malware/attack...which is the most important thing.
 
And for that reason it is never recommended that one just relies on being behind a router/firewall for protection but adds a good AV/IS/AM as the main line of defence against attacks.
 
Hope that helps?
 
Regards, Baldrick

  • Popular Voice
  • 60 replies
  • December 30, 2017
Hi Baldrick,
Very many thanks for your welcome response. I & my Windows PC have been with Webroot for many years and before that Prevex which, of course, was taken over by Webroot. I find the support levels from expert posters such as yourself and the folks at Webroot outstanding.
I do nonetheless find it worrying that TalkTalk apparently knows nothing of the current risk. I found a report on Google saying that TalkTalk & Post Office were hit with a similar issue in December 2016. TalkTalk's (TT) techie, before apparently realising the magnitude of the potential risk seemed rather confident in his response that 'our protocols are pretty robust', but at least TT is now alerted - and that alert would not have arisen if I had not found the original reference and article via this Community page.
 
Just for the record I have been with TT for several years as its deals suit me - also its service levels have improved enormously.
Best wishes to you & all readers for the New Year.

Baldrick
  • Gold VIP
  • 16060 replies
  • December 30, 2017
Hi Arjabhai
 
You are most welcome...always glad to try to assist a fellow Community member. :D
 
So you are another 'old timer'...a PrevX 3 user of old...ah, those were the days...I remember beta testing PrevX 4...which never saw the light of day until it became...I assume...WRSA...and the rest is history
 
Glad also to hear that you find the Community useful...it is most gratifying to know that.
 
Unfortunately, TalkTalk does not have a great reputation for anything other than price; I used to use them but moved away from them some time before the infamous breach, so I am not surprised to hear that TalkTalk apparently knows nothing of the current risk.
 
I suspect that you have most probably been a great help to other TT users in that you brought the current issue to their attention. Nice one!
 
 
Many thanks for the wishes. May I take the opportunity to return them by wishing you a very Peaceful & Prosperous New Year.
 
Regards, Baldrick

The end result Webroot rules no better software on the web. Let me clarify Webroot to an extent will protect the user if anything does get thru that was my point.

  • Popular Voice
  • 60 replies
  • January 1, 2018
Hi - not sure as to the meaning of your cryptic comment.
 
BTW & not related to the comment above, but for the interest of any TT Huawei Router, I have now established that if one does set up a new password, should it subsequently be necessary to totally switch off the Router, it will default to its original factory setting. Not very helpful. TT advocates a total switch off and reboot as a way of remedying connectivity issues so given how often that is needed continually resetting a new password could become somewhat tedious.

  • Popular Voice
  • 60 replies
  • January 2, 2018
Thanks for the clarification
