Dangerous backdoor exploit found on popular IoT devices

Yet more Internet of Things security woes…

In yet another worrying piece of Internet of Things security news, a backdoor has been found in devices made by a Chinese tech firm which specialises in VoIP products.

Security outfit Trustwave made the discovery of a hidden backdoor in DblTek’s devices which was apparently put there to allow the manufacturer access to said hardware – but of course, it’s also open to being exploited by other malicious parties.

The backdoor is in the Telnet admin interface of DblTek-branded devices, and potentially allows an attacker to remotely open a shell with root privileges on the target device.

What’s perhaps even more worrying is the vendor’s response. Trustwave contacted DblTek regarding the backdoor multiple times last autumn, and patched firmware was eventually released at the end of December.

However, rather than removing the flaw, the vendor simply made it more difficult to access and exploit. And further correspondence with the Chinese company has apparently fallen on deaf ears.

Other brands

Trustwave notes that the firmware with the hole in it is present on almost every GSM-to-VoIP device which DblTek makes (hardware which is mainly used by SMBs). Trustwave has apparently found hundreds of these devices on the net, along with many other brands which use the same firmware and so are equally open to exploit.

The security company also said that it has been able to successfully exploit both the old backdoor, and the new (better hidden) modified version which was patched in at the end of last year.

It’s no surprise that concerns are mounting about IoT security, particularly when you look at a case like this. It’s not just about the sheer number of potential vulnerabilities on connected devices out there, but also purposeful backdoors, and inadequate responses when clearly dangerous issues are pointed out.