That annoying SMS phish you just got may have come from a box like this
3 hours ago
- #Phishing
- #IoT
- #Cybersecurity
- Scammers exploit unsecured cellular routers from Milesight IoT to send SMS phishing messages since 2023.
- These routers connect industrial devices via 3G/4G/5G networks and can be controlled via SMS, Python scripts, or web interfaces.
- Sekoia researchers found over 18,000 exposed routers, with 572 allowing unauthorized access to programming interfaces.
- Most routers had outdated firmware with known vulnerabilities.
- Phishing campaigns targeted users in Sweden, Belgium, and Italy, directing them to fake government service websites.
- The abuse of these routers complicates detection and takedown due to decentralized SMS distribution across countries.