News:

On Tuesday September 6th the forum will be down for maintenance from 9:30 PM to 11:59 PM PDT

Main Menu

Are any of the OBi devices vulnerable to mirai malware?

Started by phonebob, October 22, 2016, 03:03:25 AM

Previous topic - Next topic

phonebob

If these devices are vulnerable, shouldn't a widespread warning be sent, advising people to reboot, possibly re-flash firmware, and set a strong password?

ukusa

I woke up to my obi phone not working this morning when I tried to make a call.. I get a message saying that there is an error and to check to make sure that my password with google talk is also on my obi talk device. I checked and it's the same password.  So I went into the obi talk account dashboard, and tried to re-install my device, but got a message saying "The device has joined the network before, under another user's account. If you want to add this device, please do a factory reset and add the device."

Anyone else have this problem, and how do I resolve it?  (Please help...My husband set this up for me a couple of years ago, and it has been working fine until today...He recently passed away in August, and I don't have much of a clue how to fix this problem).

SteveInWA

You'll have to factory reset the device and start over.  To do that, pick up the phone and key in ***8 then 1 to confirm.  You will then need to add the device to your OBiTALK dashboard.

Then, follow my instructions here to set it up for Google Voice:  http://www.obitalk.com/forum/index.php?topic=8560.msg56460#msg56460

Mango

Quote from: phonebob on October 22, 2016, 03:03:25 AM
If these devices are vulnerable, shouldn't a widespread warning be sent, advising people to reboot, possibly re-flash firmware, and set a strong password?

Mirai continuously scans the internet for IoT devices and infects them by using a table of common factory default usernames and passwords to log into them.  I don't know if OBi ATAs are vulnerable, but even if they aren't, it's good practice to change your default passwords, place your devices behind a router, and don't use port forwarding or DMZ.

sylvaing

Anybody knows if OBI uses BusyBox software?

According to this article on malwaretech.com https://www.malwaretech.com/2016/10/mapping-mirai-a-botnet-case-study.html

Although Mirai could technically infect any box upon successful login, it uses a busybox specific command which causes the infection to fail if busybox is not present.

So, if OBI do not use BusyBox, its devices won't be become bots, even with them set at their default password.