Unexus - DrayTek issues due to cyber attacks – Incident details

All systems operational


Via deze site houden wij onze klanten op de hoogte bij eventuele
storingen en gepland onderhoud.

We zetten alles op alles om storingen te voorkomen. Zo is ons netwerk volledig redundant uitgevoerd. Helaas komen storingen in de keten wel eens voor. We doen in ieder geval wat in onze mogelijkheden ligt om deze zo snel mogelijk te (laten) verhelpen. Jammer genoeg hebben we geen directe invloed op alle storingen, behalve er open over zijn. Daarom informeren wij u op deze pagina zo transparant mogelijk over lopende en opgeloste storingen.

DrayTek issues due to cyber attacks

Resolved
Partial outage
Started 17 days agoLasted 1 day

Affected

Enreach (voorheen Voiceworks)

Partial outage from 10:10 AM to 11:39 AM

Updates
  • Resolved
    Resolved

    All customers using DrayTek hardware have been contacted by Unexus and provided with an update that mitigates the vulnerability

  • Update
    Update

    We are currently trying to remotely update a number of DrayTeks to fix the vulnerability. The first results are positive

  • Identified
    Identified

    Internet providers worldwide have been hit by attacks in recent days that cause vulnerable DrayTek routers to reboot. "We have received several reports of unstable KPN connections in combination with Draytek hardware. After contacting KPN and the Dutch Draytek supplier, we can report the following: Worldwide abuse is being made on DrayTek routers with outdated firmware, which can cause the routers to reboot," reports internet company IP One.

    Internet Diensten Texel also gives this message. "The various connections that have failed are causing a lot of pressure on our helpdesk. In order to help everyone as quickly as possible, we unfortunately cannot speak to you by phone", the company further states. "We currently only see it happening with the Draytek 2133 and not the other models, but the problem can occur with other types", says internet company Weserve.

    "Some customers are experiencing problems with their routers rebooting. This is related to vulnerabilities that were reported and patched in early 2024," DrayTek importer Xpert Data reports. The problem concerns a large number of models. In addition to Dutch internet providers, foreign ISPs are also reporting problems. DrayTek itself speaks of a vulnerability, but not of active abuse. The manufacturer advises disabling the remote access and SSL VPN options for unpatched routers. In addition, it is recommended to purchase a new model in the case of 'too old' routers.

    Unexus is currently investigating how we can mitigate these problems as soon as possible.