Incident Response, TDR, Vulnerability Management

Security foundation also warns of Netis router backdoor


Last week, researchers at Trend Micro alerted users to a backdoor in Netis and Netcore brand routers, and now a security foundation has revealed similar findings on the threat's impact.

The affected devices, sold by Chinese vendor Netcore as well as distributed under the Netis brand name outside of the country, were said to be mainly in use in China. According to a Tuesday scan by security foundation Shadowserver, more than 735,000 distinct IP addresses responded to its probe as being impacted by the backdoor, which stems from an open UDP port accessible from the WAN side of the router.

In a Tuesday update, Trend Micro said that the number of affected devices appeared to have dropped significantly (from around 2 million to 1.35 million devices), but that it was still unaware of a patch being released by the device maker.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.