Sierra Wireless has observed IoTroop/Reaper infecting Airlink gateways running older firmware, using
default user or viewer passwords and that are directly reachable from the public internet.
If you have a Sierra Wireless Airlink gateway with a
public internet reachable IP address, it is highly recommended that you follow
the steps included in the bulletin immediately.
The links below contain the latest technical bulletins and provide details about the issue and affected products along with instruction on recommended actions.
Technical Bulletin (3/29/18): IoTroop/Reaper Malware
Technical Bulletin Update (4/30/18): SWI-PSA-2018-004: CVE-2017-15043
Technical Bulletin Update (4/30/18): SWI-PSA-2018-005: CVE-2018-10251
Technical Bulletin Update (5/3/18): SWI-PSA-2018-003: Technical Bulletin - IoTroop / Reaper Malware Update
All users with AirLink gateways and routers that are reachable from the public internet are advised to contact Sierra Wireless immediately for assistance at the number listed below:
Sierra Wireless Technical Support
1-877-552-3860 (free of charge)
6:00am - 5:00pm Pacific Time, Monday to Friday
ALMS will be provided free of charge by Sierra Wireless to support AirLink users. The Airlink Management Service (ALMS) is a secure cloud-based device management application that makes it easy to configure and update any number of Sierra Wireless gateways remotely. If you have multiple gateways and do not currently subscribe to ALMS, you can sign up by visiting this website link: ALMS Management Software
NOTE: if you are unable to add more than 15 gateways due to a restriction, you can call into Sierra Wireless at the number listed above and they can change the Account to remove the limitations.
Links of Interest
