Melita has contradicted its own tech support in another eyebrow-raising statement about a security issue in its ARRIS modems
Melita contradicts Melita on severe modem security issue
This story and its three articles have a production value of €382, including working hours and expenses. We are not getting paid for delivering this public service, but greatly appreciate your donation to NEWZ.mt using our Revolut payment page.
On Wednesday, NEWZ.mt reported a severe security issue in Melita’s ARRIS modems, which regularly reset admin logins while those of other providers don’t.
The internet service provider firmly rejected “any claims suggesting that its modems are unsafe or that there are unresolved underlying issues”.
Melita contradicts itself
On Thursday, however, the company claimed in another eyebrow-raising statement that the issue – as revealed by this newsroom – did not exist at all.
This stands in direct contradiction to Melita’s own technical support, which had already confirmed in writing that such resets occur “from time to time”.
“We would like to clarify that the modems’ admin interface credentials are not remotely reset by Melita when carrying out system upgrades. These are reset by pressing a reset button found on the home modem”, the company claimed.
In fact, NEWZ.mt never referred to actively pressing physical buttons on modems, which would obviously lead to a reset of the hardware’s admin login.
Pressed on further clarification, as the company’s latest statement was in direct contradiction to information from its own technical support, Melita went silent.
Experts: ‘Security abysmal’
Meanwhile, several IT security experts have confirmed that the problem is “indeed a Melita issue” which gave attackers “limitless possibilities of manipulation”.
Once in control of one of those Melita modems affected, a hacker could lock users out of their home internet for a while, or – much worse – redirect and intercept their online traffic.
Any attacker could easily redirect a Melita user to a fake Facebook replica website, for example, and obtain their login credentials for the social network.
“This could even be done without modem access, but with modem access it’s considerably easier, quicker and more reliable”, one of the experts warned.
All of the industry sources who talked to NEWZ.mt over the last week have also stated in general that Malta’s “cybersecurity posture is abysmal”.
This story and its articles have a production value of €382, including working hours and expenses. We are not getting paid for delivering this public service, but greatly appreciate your donation to NEWZ.mt using our Revolut payment page.
