Airlink Bulletin 2: IoTroop/Reaper Malware

Sierra Wireless Technical Bulletin: IoTroop/Reaper Malware Update

Applicable Products

AirLink® LS300, GX400, GX/ES440, GX/ES450, RV50, RV50X, MP70 and MP70E gateways and routers that are directly reachable from the public internet.

Summary

Further to the technical bulletin SWI-PSA-2018-002 issued on 29 March 2018, Sierra Wireless has determined that the IoTroop/Reaper malware is using two methods to infect AirLink gateways and routers connected to the public internet. The primary method of infection is through default or stolen passwords. However, during further investigation by the incident response team, we have identified a previously unknown vulnerability that is also in use.

The malware is known to have the following impacts:

During installation of the malware, the gateway’s user password may be stolen and sent to the malware’s command and control This may allow the gateway to be re-infected later if the malware is removed but the user password is not changed.
The malware will periodically contact a command and control server for instructions and potentially participate in a Distributed Denial of Service (DDoS) This may result in significant unexpected wireless data charges.

All users with AirLink gateways and routers that are reachable from the public internet are advised to contact Sierra Wireless immediately for assistance.
Sierra Wireless Technical Support 1-877-552-3860 (free of charge)
6:00am – 5:00pm Pacific Time, Monday to Friday.

The technical support team will assist users to remove any malware that is present and perform the following protective steps:

Register devices in AirLink Management Service (ALMS) to provide secure remote management; ALMS will be provided free of charge.
Disable remote access to ACEmanager
Enable Trusted IP / Friends List
Update the gateway User password

Sierra Wireless is developing a firmware update that will address the newly discovered vulnerability and implement additional hardening measures. Users who are registered for product or security updates on the Source will receive automatic notification when the firmware update is available.

For More Information:

For Airlink Solutions Contact a USAT Representative
For Data Network Plans, Learn more about ExpressM2M

Airlink Bulletin 2: IoTroop/Reaper Malware

Sierra Wireless Technical Bulletin: IoTroop/Reaper Malware Update

Applicable Products

Summary

The malware is known to have the following impacts:

For More Information:

Ericsson Enterprise Wireless’s NetCloud SASE

Augmenting Bandwidth with 5G

Exploring the Potential of 4.9 GHz FirstNet®

Ericsson Routers and MCA TRaCK Box Speed Disaster Response

Enhancing Event Venue Connectivity with Poynting

Transforming Network Efficiency with Ericsson Enterprise Wireless All-In-One Solution

Ericsson Enterprise Wireless’s NetCloud SASE

Augmenting Bandwidth with 5G

Exploring the Potential of 4.9 GHz FirstNet®

Ericsson Routers and MCA TRaCK Box Speed Disaster Response

Enhancing Event Venue Connectivity with Poynting

Quick Menu

Primary Menu

Sierra Wireless Technical Bulletin: IoTroop/Reaper Malware Update

Applicable Products

Summary

The malware is known to have the following impacts:

For More Information:

Ericsson Enterprise Wireless’s NetCloud SASE

Augmenting Bandwidth with 5G

Exploring the Potential of 4.9 GHz FirstNet®

Ericsson Routers and MCA TRaCK Box Speed Disaster Response

Enhancing Event Venue Connectivity with Poynting

Transforming Network Efficiency with Ericsson Enterprise Wireless All-In-One Solution

Download Policy

USAT IS NOW