June 12, 2021

SpywareNews.com

Dedicated Forum to help removing adware, malware, spyware, ransomware, trojans, viruses and more!

A Measurement Study on the (In)security of End-of-Life (EoL) Embedded Devices. (arXiv:2105.14298v1 [cs.CR])

Embedded devices are becoming popular. Meanwhile, researchers are actively
working on improving the security of embedded devices. However, previous work
ignores the insecurity caused by a special category of devices, i.e., the
End-of-Life (EoL in short) devices. Once a product becomes End-of-Life, vendors
tend to no longer maintain its firmware or software, including providing bug
fixes and security patches. This makes EoL devices susceptible to attacks. For
instance, a report showed that an EoL model with thousands of active devices
was exploited to redirect web traffic for malicious purposes. In this paper, we
conduct the first measurement study to shed light on the (in)security of EoL
devices. To this end, our study performs two types of analysis: the
aliveness analysis and the vulnerability analysis. The first one aims to detect
the scale of EoL devices that are still alive. The second one evaluates
the vulnerabilities existing in (active) EoL devices. We have applied our
approach to a large number of EoL models from three vendors (i.e., D-Link,
TP-Link, and Netgear) and detected the alive devices over a period of ten
months. Our study reveals some worrisome facts that were unknown to the
community. For instance, there exist more than 2 million active EoL devices.
Nearly 300,000 of them are still alive even five years after they became
EoL. Although vendors may release security patches after the EoL date,
the process is ad hoc and incomplete. As a result, more than 1 million active
EoL devices are vulnerable, and nearly half of them are threatened by high-risk
vulnerabilities. Attackers can achieve a DDoS attack of at least 2.79 Tbps by
compromising a large number of active EoL devices. We believe these facts pose
a clear call for more attention to deal with the security issues of EoL
devices.