UniFi customers are at risk- hacking & spying

Over 1,700 TM UniFi customers can say THANK YOU to TM for enabling the remote management option on their router and a secondary administrator account, without customer’s knowledge.

The remote management option and the secondary administrator account has a very easy to guest password and was probably turned on since 25 March 2010, the day the UniFi service went live, allowing anyone in the internet to “spy” on any TM’s UniFi customer provided they have the right IP address.

The potential  damage include spying on all your internet activities, including all password, your online conversation with a friend, access to your Facebook and much more. The potential damage is much greater if you don’t have a firewall enabled on your PC, basically the hacker can have unauthorised access to every single piece of data on your PC/hard drive.

TM has admitted this issue. Below is the statement issued by TM yesterday:

Telekom Malaysia Berhad (TM) wishes to clarify the concerns raised by various parties with regards to the remote accessibility of UniFi routers which are part of the customer premises equipment (CPE) for all UniFi subscribers.

--------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------

TM would like to assure all concerned parties that the only reason the UniFi router setting for remote access is enabled is for remote access troubleshooting purposes for the express use of our technical support personnel. In the event there is a technical support issue with any of our UniFi subscribers; at the first level of troubleshooting, TM’s network operation centre (NOC) can immediately remotely diagnose the problem before sending a support team on-site.

TM takes note of the security concerns that have been raised, and we have taken these issues to heart.

TM also acknowledges that there is a need to balance the public’s level of comfort with regards to security and privacy and TM’s own commitment to faster support turnaround time. As such, TM would like to maintain the higher level of service enabled by remote access management on customer routers, and in recognition of that TM will immediately change every UniFi customers’ router management password into a high security, unique one (which will be only known to the customer and TM). TM will notify all our Unifi customers of this change accordingly.

Source

Also read- UniFi ‘backdoor’ allows hacking, spying

  • http://frostier.net frostier | Dale Tan

    the problem lies with the support structure. Most on the on-site support or “the hands and legs” are being outsourced to 3rd parties company. Not TM themselves.

  • mafiz

    Yes, and by making this public, now everyone knows that we're vulnerable to this attack. Is there anyway we could increase the secuity level ourselves? I think people should worry more about what they put on Facebook rather than this!

    p/s: 'spying' can always be done even with the router secured right?

  • http://twitter.com/alphaque Dinesh Nair

    isn't just TMNet/Unifi, but P1 also pulls the same hidden super administrator password. See my blog for details.

  • http://malaysianwireless.com/ Kugan

    bro, please email me more details about the P1's admin account….ur blog post did not mention much(not detailed)… malaysianwireless@gmail.com

    Thanks

  • http://www.carlist.my Looking for cars?

    Unifi still too slow, maximum speed only 20mbps. They should go higher and give malaysians a better deal with the money they're gonna charge.

  • Dave

    Interestingly, the promise of “faster support turnaround time” has not eventuated. My UniFi died on the evening of 1st March and I reported it on 2nd March 09:00. Despite a daily sms saying that someone would contact me and confirmation that it is TM policy to have problems fixed in 3 business days, I was finally told after 3 business days that an appointment had been made for some to attend to my problem – on 16th March!
    16 days without tv, phone or Internet is a complete disgrace. TM service has in fact gone backwards in my experience with several years of Streamyx.

    Dave
    TM ticket 1-827347499