Many Ugandans have come to enjoy using mobile internet from fast and reliable 4G LTE carriers like Africell, MTN, Vodafone and Smile Telecom, using WiFi devices and routers which have largely replaced the USB dongles of the olden days. These WiFi devices come in the form of both portable MiFi routers for personal use and semi-nomadic routers used especially by small businesses. It has been several weeks since this blog learned that Smile Telecom’s MiFi devices and routers are affected by a vulnerability through which all usernames (SSID) and passwords can be exposed to the public and misused in the wrong hands.
This vulnerability was discovered by two self-taught IT gurus (white hackers) who own a start-up IT company called Zabantu. They approached the 4G carrier and informed it of the vulnerability but were reportedly given a deaf ear. When this blog spoke to the duo and asked them how they were able to pull this off, all they could divulge is that they performed a little tweak that enabled them to gain access to one of the WiFi routers and, after checking out the configurations, they realized that Smile Telecom’s Admin Console management passwords for their WiFi routers were not secure after all. The duo quickly hacked out a script to sniff out similar devices, and they were able to obtain logins for device owners with default credentials and retrieve the client’s username (SSID) and password. Felix Kitaka, the product development lead at Zabantu, confirmed that within no time they had over 2000 Smile Telecom login credentials.
Users urged to change their default passwords
When contacted, the security team at Smile Telecom confirmed that the two “white hackers” approached them about this vulnerability and agreed that the issue existed. Since this was a device issue and not a network issue, the team at Smile Telecom had to find a way of closing it down as soon as possible through several security audits. The loophole was later identified as an inter-device communication (machine-to-machine communication) vulnerability that permitted the hackers to successfully perform an Nmap scan on the devices to gain access to IPs, SSIDs and passwords. The Smile Telecom security engineer that this blog spoke to told us that customers shouldn’t be alarmed by this, since the hackers cannot trace their real location with this information. He assured Techjaja that this vulnerability has been closed and further challenged the hackers to replicate their hack, as he was confident of the work Smile Telecom has done to combat the problem.
It should be noted that this vulnerability only existed on devices used on the Smile Telecom network and the hackers couldn’t do something similar on other networks. “Most of these MiFi routers are from Huawei and Franklin,” the Smile engineer said, “and we have less control over them.” He also advised Smile customers to change their passwords from the default “ADMIN” to something more secure to avoid falling victim to any hack.
You can change your password by opening your computer’s internet browser, such as Chrome, Internet Explorer or Firefox, and typing this IP address in the URL bar: http://192.168.10.1/. This will automatically take you to the MiFi’s web interface, where under WiFi profile you can change your password and device name to your heart’s desire.
By the time of publishing this article, the team at Zabantu had already informed Techjaja that they had found several new security vulnerabilities in the Smile network in what they have termed a “ticking time bomb for Smile Telecom”.