http://www.securelist.com/en/blog/208193852/The_tale_of_one_thousand_and_one_DSL_modems
"This is the description of an attack happening in Brazil since 2011 using 1 firmware vulnerability, 2 malicious scripts and 40 malicious DNS servers, which affected 6 hardware manufacturers, resulting in millions of Brazilian internet users falling victim to a sustained and silent mass attack on DSL modems."
"All too often network equipment devices are forgotten - once installed and configured, most users or businesses do not worry about applying firmware updates provided by manufacturers. Even the simplest failure can affect thousands of users, who are silently attacked and prompted to inadvertently install malware or steered into phishing domains. As pointed out by the researcher Marta Janus, DSL modems are attacked by different kinds of malware, generally Linux-based, or in attacks exploiting CSRF flaws, UPnP and SNMP misconfigurations or even a complex drive-by pharming. Strikingly, not only is this kind of fairly largely ignored by users, but the security community itself pays little attention. It is quite common to see reminders about the importance of installing security patches to the operating system, but few speak of the need to update DSL modem firmware."
I'm not in Brazil, & don't have/use DSL or ADSL, but to me it's still shocking that something of this magnitude could go relatively unnoticed. I wonder how many other (A)DSL modems could be similarly affected throughout the world, including in the U.S.? Makes me wonder about cable modems too, which in the U.S. at least tend to be ancient & never updated/maintained -- checking that out is now on my to-do list. I assume like many others I tend to [wrongly?] not worry about stuff I can't change, have little or no control over because it doesn't actually belong to me. I'm also chiding myself for being lazy -- I've long been in the habit of checking for software updates pretty regularly, but I've habitually ignored the network router, not checking for new firmware nearly as often because *usually* there's nothing new that's security related.