Sierra Wireless has confirmed reports that a new malware threat has been discovered targeting gateways running ALEOS 4.5.2 or older that are directly reachable from the public internet and not on a private network.
To date, devices reported to be affected are the LS300 and GX400, but it is advised that all customers running ALEOS 4.5.2 or older on any devices must also take the recommended actions.
It is confirmed that in some deployments compromised gateways will no longer be able to boot and will display a solid green power LED. If you are seeing this behaviour, please contact Westbase Technology support.
Sierra Wireless has issued the following recommendations to reduce your exposure to online security threats:
- Ensure that strong, unique passwords are used for both the user and viewer accounts on the gateway:
- In ACEmanager or ALMS, navigate to Admin > Change Password
- Set a strong, unique password for both the user and viewer accounts
- Disable remote access to ACEmanager if it is not required:
- In ACEmanager or ALMS, navigate to Services > ACEmanager
- Set ACEmanager Access – OTA to OFF
- Ensure you are running to most recent available firmware for your gateway. Details for the most current firmware of all AirLink products are available to view in the full technical bulletin document.