Unknown threat actors are abusing Milesight industrial routers to send malicious SMS messages through a smishing campaign across Europe since early 2022. The attackers exploit a known vulnerability in the routersβ API to distribute phishing URLs and log user interactions, complicating detection efforts. #Milesight #CVE-2023-43261
Keypoints
- Threat actors target Milesight industrial routers via a known vulnerability to send SMS phishing messages.
- The campaigns primarily impact European countries, including Sweden, Italy, and Belgium.
- Vulnerable routers expose SMS APIs, which threaten the confidentiality and integrity of SMS communications.
- Phishing URLs include malicious JavaScript and attempt to disable browser defenses to hinder analysis.
- Exploited routers enable decentralized SMS delivery, making detection and takedown challenging.
Read More: https://thehackernews.com/2025/10/hackers-exploit-milesight-routers-to.html