Eircom Customers Wide Open to Erroneous Disconnection
Written by enigmax on February 02, 2009Eircom, the Irish ISP that agreed to disconnect alleged file-sharers at the behest of the music industry, has thousands of customers still exposed to a serious security hole. The flaw, which affects up to 250,000 subscribers, could mean they are wrongly accused of something they didn’t do. Thanks to Eircom, they may now lose their Internet connection.
Back in 2007, Eircom was supplying Netopia wireless broadband routers to its customers. Certain models (2247 and 3300) had only weak WEP encryption enabled which is easily hacked if you know how. But even worse, the network encryption key supplied to the customer was an Eircom-generated one, a choice which was set to cause many potential security problems.
Unfortunately for Eircom and its customers, it didn’t take long for their setup to be exploited. Aside from standard WEP-crack apps, several pieces of software became available on the web to instantly crack the protection on these routers. Within seconds, the software allows anyone to access an Eircom customer’s connection without permission.
All it takes is a simple scan for wireless networks in the area, select one of the available Eircom routers (they are easily spotted) and enter the discovered SSID into the software. The applications instantly return the router’s WEP key. In just moments, anyone within wireless range can be abusing the connection by doing, well, just about anything.
Eircom knows about the exploit and claimed to have sent letters out to every subscriber with an affected router, telling them to change their keys and/or SSID. Of course, out of that potential 250,000 subscribers, there were a huge number who had absolutely no idea what Eircom were talking about, while others did but took no action. The end result is that there are thousands of Eircom customers who are still exposed to the problem of other people doing stuff on their line that they know nothing about.
Reader Sean Byrne, who lives in Ireland told TorrentFreak, “There are lots and lots of existing WiFi signals that are open to this exploit. I’m located in Galway city, there are several ‘Eircom*** ***’ SSID’d networks located in the city that are open to this.”
Even now, 18 months after this exploit became known, Sean explained that while traveling around the country he finds Eircom-routered networks he can easily jump onto, should he wish. “It’s like free communal WiFi on tap,” he told us, “most places you travel in Ireland will have an Eircom WiFi signal.”
Although WEP security should be avoided if at all possible, some devices (particularly older ones) rely on it. Short of changing the WEP keys, this particular exploit can be defeated by simply changing the network’s SSID.
That said, we expect the same people who ignored or missed Eircom’s advisory the first time round will more than likely take the same action as they did back then – i.e very little. In the meantime, thanks to Eircom’s deal with the music industry, anyone in this position can have their connection used by an unauthorized file-sharer, and along with that the prospect of being accused of something they haven’t done.
Equally, anyone with one of these routers could simply claim they have been the victim of a hacker and Eircom would have to believe them. I’m sure we’ll be hearing more about this situation before long.
Previously: Top 10 Most Pirated Movies on BitTorrent
Next: Get Into 200+ Private BitTorrent Sites
28 Responses
So if you have an Eircom router, you never can be accused of file sharing ;)
everyone should just switch isp if possible that would teach them a good lesson imo
WEP can be cracked very easily **regardless of the key used** as it is not due to a typical brute-force password attack but instead through packet analysis. The only way to address WEP’s vulnerability is to not use WEP at all, which would mean upgrading the router’s firmware, if possible, or more likely, getting another router, that supports WPA/WPA2 encryption.
All in all a very very useless system.
The ISP (abbreviated to E) disconnects the person, person claims he/she got hacked (even if they didnt) E has no choice but to believe the person because E has supplied crappy routers to their clients, E gives back the account to the person because it does not want to disconnect a person wrongly (plus E is only too happy to believe the person so that E does not lose persons subscription fees).
All in all, music industry is again biting its own tail and nothing changes, which is cool because f**k the music industry.
http://www.eZee.se
can i get a list of the IPS of that HOST time for a mass disconnect…..
E then sends a support technician to change encryption and keys, and the person feels more secure, since they didn't lie. And if they did – well, they no longer got an excuse next time.
Not possible to do so for a whole quarter million customers, would be nice if they did though, should help with employment… they would have to hire hundreds if not more techs, and whatever they come up with… will be broken again.
Wrote a related article if you are interested:
http://ezee.se/articles-blog/2009/02/02/eircom-a-...
http://torrentfreak.com/the-pirate-bay-tricks-ant...
sucks to be anyone that has the IP adress that pirate bay posts as a fake peer…
Actually, if the Irish folks want to follow along with some of the ideas of forcing a mass disconnect, this is an opportunity – hack those routers, get into those networks, download the latest hollywood movie, and upload for a while.
If it works like we hoped, thousands upon thousands of people get disconnected, and Eircom realises very quickly how flawed their plan is. They are forced to change their terms to be at least more feasible, and the music industry gets to suck their own, because their model for piracy-control doesn't work. And at that point, we could use that failure to reflect similar possible failures of similar works of legislation across the world.
Don't let this opportunity pass you by Ireland. Show them what happens when you bend to the corporations instead of working for your customers.
If computer is infected with a trojan, new password will be sent to hacker, therefore this "wireless protection" can be used unlimited times.
thanks for spreading the word TF, as always good article.
i personally will disconnect abut 12 customers. :)
hey lonewolf, its jolly ;)
haha indeed.
If they change their SSID Its still possible to figure out the wep using the routers mac address.
Do any music industry management people have eircom connections? I would like to find out their IP addresses!
Most downloading is done either at college or in student accommodation both of which have communal broadband. Id like to see how that one works out for eircom…..
2 things spring to mind here.
1. If the customer is always right and you tell the ISP ” no it wasn’t me ” is the ISP not responsible to prove beyond reasonable doubt that it was indeed you. i.e. be allowed access to the software being used to track you. It surely must be the only way to tell if it is indeed an accurate accusation or not.
2. When someone is accused, why dont they bring their router and pc to the ISP / police / media monkeys and say search my stuff.
And lastly the maker of the wireless router should be in court, because they supplied an insecure device to you in the first place. So don’t be fooled into thinking that wpa2 will save your bacon cause that only takes a little longer to crack with a few dictionaries at hand or becoming the router itself and routing all traffic through the attackers box.
Peeps will say, yeah thats it get someone else into trouble to get what you want!!!! Yeah then take all your gear to the local copshop and say prove it was me and not someone else and no officer my antivirus / rootkit software did not detect the trojan you found on my system:P
As cracking wireless becomes a 1 click solution then abuse is bound to happen and the games will commence.
Thanks Torrentfreak for bringing this to peoples attention.
I have attempted to do the same.
http://isohunt.com/forum/viewtopic.php?p=566049#566049
@16
Your talking crap about WPA2, aslong as you have a strong passphrase its impossible to hack, the closest it been to is cracking the upstream chyper using GPU computing and a specialist peice of kit. Even with this you cant use the connection. It uses AES packet encryption. Also how can you tell a computer to foward traffic to you (pretend router) if you dont know what its sending and dont have the encryption keys. What a suprise you are talking out of your arse. WEP by no means is still easily hackable in minutes 64 bit, 128bit take your pick….
@18 noob alert. Obviously you dont frequent enough hotels now do you. tosspot. Nothing is impossible it is only a matter of how much time it takes. a long time or a short time.
And hey noob, wep can be cracked in seconds not minutes and if your beloved passphrase bound to your wpa2 is straight from the dictionary, then, houston we have a problem.
you dont even need an app to get into the eircom routers. just go here and enter the ssid
http://s4dd.yore.ma/eircom/
Even if they change it, people will already have the wep key. Wep is so easy to crack, I can do it in a few mins. WPA is crackable too. Ethernet is secure, use that. Or WPA2
ahaha yeah that noob has been smokin too much hashish..
but hey i dont mind, it only makes it more of a surprise when i break into there network and STEAL ALL THERE INTERNETS!
@19 again noob alert, if you actually read what i said, “Your talking crap about WPA2, aslong as you have a strong passphrase” and, okay some WEP’s take senconds others can take like 10 mins, does it really matter in that sort of time scale?
here is the link to the page that can crack your wep key easy huh?
http://s4dd.yore.ma/eircom/
Eircom is the only ISP in the world to totally pull down their pants and assume the position for the music industry.
I’m from Ireland and my ISP is eircom. Could somebody please tell me a way to bypass Eircom’s restrictions so that I can download torrents undetected.
Would Kommute(http://kommute.sourceforge.net/) work?
I really dont want to have to pay for a VPN service or similiar. If I wanted to pay for torrents I would just buy the music in the first place.
Thanks for your help.
I didn’t read all the comments, so I hope I’m not repeating anyone else, but I plan to make sure myself and anyone else I know ends any contract they have with eircom and changes to a new provider. Ireland is usually the last place for interesting/controversial stuff of a tech nature to happen, cause we’re usually a bit behind, but this is a disgrace!
Hehe, I’ve been stealing internet from my high-density housing (slums) neighbours for years, As of writing, I’m getting 9 signals, 8 of which are easily accesible. I think I’ll download every scrubs episode tonight. XD
5 references to this post
Responses are closed
All remaining responses will continue to be archived. Use the TorrentFreak forums if you want to discuss something.