Cybercriminals exploit unsecured and outdated Milesight cellular routers to send large-scale SMS phishing (smishing), leveraging vulnerabilities like CVE-2023-43261 and other techniques.
That annoying SMS phish you just got may have come from a box like this
Unsecured Milesight routers are being exploited to enable impactful smishing campaigns using simple infrastructure, possibly via CVE-2023-43261 or other unknown compromises.
Hackers Exploit Milesight Routers to Send Phishing SMS to European Users
Milesight cellular routers with exposed SMS APIs are being abused to send phishing SMS smishing campaigns across European countries since February 2022.
