Malware Attacks on BSNL, MTNL Broadband Modems – Steps To Restore

@jnraj

Looking for a stellar laptop with the latest features? Experience the Ultimate Power & Functionality with Mi NoteBook series starting at Rs 33,499 Looking for a stellar laptop with the latest features? Experience the Ultimate Power & Functionality with Mi NoteBook series starting at Rs 33,499
Looking for a stellar laptop with the latest features? Experience the Ultimate Power & Functionality with Mi NoteBook series starting at Rs 33,499

BSNL and MTNL Broadband Service got disrupted by malware attacks earlier this week. Thousands of subscribers got impacted with the attack. We think BSNL or MTNL must take the blame for this attack and pay the penalty for any losses incurred. BSNL Chairman Anupam Shrivastava said, “The situation has been addressed to a great extent. We are advising customers that they should immediately change their passwords. They should not worry about using broadband once they have done that“.

Cause And Effect

BSNL/MTNL support usually asks a customer never to mess with modem settings once they configure it. They also never cared to change a modem’s administration password and leaves it as default(admin). This negligence has given some malware access to the modem configuration page, via your external IP address. Once gained access, this malware or their creators can create a back door and steal your data from the connected devices. In our case, the attacker seems to send users to malicious websites.

Malware Attacks BSNL, MTNL Broadband Modems - Steps To Restore

Set Or Reset

Please note, these steps are for users who never modified the modem password.

  • Access your modem’s configuration page by typing http://192.168.1.1 in your browser, and key in Username: admin, Password: admin.
  • Navigate to Maintenance>Administration and set a new password for your modem.  We also advise you to set a WPA-PSK/WPA 2 PSK for your wireless network.
  • In the case of an infection, the malware may change the NTP server address to a random value. Navigate to Maintenance>Time Zone and the NTP server address to 0.0.0.0.

For advanced users, we advise you to reset the modem.

  • Do a hard reset of the modem (reset button at bottom or back of modem).
  • Access your modem’s configuration page by typing http://192.168.1.1 in your browser, and key in Username: admin, Password: admin.
  • Set your Internet service login info as given by the provider
    For BSNL Users: Navigate to Interface Setup and modify the settings as given below
    ISP: PPPoA/PPPoE
    VPI=0, VCI= 35
    Service name: BSNL
    Username: your user name (check your initial broadband document or call BSNL customer care 18003451500)
    Password: password
    For MTNL Users:
    Visit: mtnldelhi.in, download appropriate configs and set it.
  • Also, change the modem administration/maintenance password and a WPA-PSK/WPA 2 PSK for wireless.

Optionally you can flash the modem with the latest firmware. Modem configuration page layout might be different for different vendors, so kindly check the manual for more clarity.

This type malware attack has reportedly troubled over 2000 BSNL and 10,000 MTNL users. According to BSNL, the situation is under control and their core network is safe. Even though they urged the users to change the passwords, but they never quoted the possibility of privacy invasion. Hope this article helped you, Peace!

Previous
Next
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Inline Feedbacks
View all comments

You're currently offline