EwDoor Malware Infects AT&T Users: How to Detect Data-Stealing Virus, Remove from Your Phone

/in


EWDoor malware infected the networking equipment of AT&T, which protects and manages communications of the mobile carrier.

The said AT&T malware affected more than 5,700 subscibers.

EWDoor Malware Affects AT&T Subscribers

Chinese cybersecurity company, Qihoo 360, found out that thousands of networking equipment belonging to AT&T subscribers in the United States have been compromised with newly acquired malware, per Ars Technica.

Gizmodo reported that the AT&T malware acts as a backdoor, allowing an attacker to get into networks, steal data and engage in other activities.

Moreover, the said attacked device is named EdgeMarc Enterprise Session Border Controller. This tool is used by small and medium companies to protect and manage phone calls, video conferencing and other real-time communications.

In addition to this, session border controllers, the link connecting businesses and their Internet service providers, have access to a wide range of bandwidth and may obtain sensitive personal information, making it perfect for distributed denial of service (DDoS) attacks and data gathering.

Since the AT&T malware acts as a backdoor, it was named EWDoor by Qihoo 360, which is a word play of the “backdoor,” referring to the fact that it affects Edgewater devices.

In addition to this, EWDoor malware can update on its own, do port scanning, organize files, DDoS attack, reverse shell, and unprecedented command execution.

For those who do not know what DDoS is, Kaspersky stated that it is a method of attack that takes advantage of internet resource capacity limitations.

The DDoS attack will make several demands towards the targeted online resource. Aside from this, it also aims to surpass the website’s capabilities, accommodate numerous request and prevent it from working properly.

Read Also: Apple Hack for Students, Teachers: How to Get $400 Discount on Your Mac, iPad Purchase

On the other hand, Qihoo 360 researchers identified the EWDoor malware after infiltrating a previously undisclosed botnet, revealing that it had affected at least 5,700 AT&T subscribers in the United States.

They also claimed to have discovered more than 100,000 devices using the same TLS certificate as…

Source…