Click here to visit Original posting
The latest router security problem, that initially cropped up a week ago in Germany, has since been confirmed in other countries as well.
That its a new variant of Mirai, makes for sexy for headlines, but is not important. That five million devices may be vulnerable is also not important. And, It's pretty much irrelevant that the buggy routers were produced by Acadyan and Zyxel.
The most important issue in this latest router attack is that most of the blame falls on the Internet Service Providers (ISPs).
The routers were attacked on TCP port 7547, which is used by the TR-069 protocol (also known as CWMP or CPE WAN Management Protocol). Leaving port 7547 open would have been a non-issue if the ISPs had made better decisions.