The operator SFR is currently in the limelight after the discovery relayed by the newspaper Le Point about major flaws identified on Altice servers that could expose the personal data of one million users.
The newspaper Le Point highlights the discovery of two major flaws in the systems of the operator SFR that Altice would have tried to pass over. According to a newspaper survey, some servers in the Altice group had security flaws.
The first flaw, the least important allowed any user with a box SFR cable to access the administration page of any other cable box provided the correct IP address. From this panel, it would have been easy to recover passwords and recover personal data to set up an advanced and personalized phishing campaign.
Related: Altice holds 95% of SFR and will withdraw the trader
The other, much bigger flaw was discovered in Altice's servers, so it would have been possible for a hacker to access the management of the updates of all the boxes of SFR's customers. Therefore, the release of a vertiy update could allow the control of remote equipment or the organization of a zombie park in the form of a botnet of over a million machines.
Related: SFR: a paying option imposed on its customers that brings very big
Faced with these discoveries, SFR confirms the existence of the flaws between March and May 2017 but indicates that "the necessary modifications were committed immediately, and the problems were corrected in the days which followed". According to the operator none of the two faults has been exploited.
Source : Le Point
💌 Follow by Email:Digital Channel
🌍🔍 Search Google :digitalchannel.tk
Click Index You Might Be Interested
suivre Dhaouadi Aymensur
