The essence of the reports is that the users have them Fritzbucks Failed internet login attempts were found in your system registry. In other words, someone tried to be seen from the outside Fritzbucks– User registration to assume control. This is mainly possible because FritzBox can also be accessed from the internet for you as a user – for remote maintenance, for example.
Hopefully, the external attacker doesn’t have your access data. So he has to guess it. It uses an email address known or suspected to exist as the basis for this. Guess the password. If wrong, this message appears in the FritzBox protocol: “User registered […] Failed”.
According to reports, the IP address is 18.104.22.168 from which the login attempts should start. What is striking about it: According to Hezi, such attempts have been launched from this address since the summer of last year. It appears to be registered to a company from the Seychelles, where lost routing traces are being traced back to the Netherlands.
View from AVM
AVM does not see any danger in these attacks. On the website, Berliners publish a security notice in the following format:
„There is currently about access attempts to Fritz!– reported products. These are unsuccessful login attempts, i.e. guesswork. These alleged “stuffing of credentials” attempts constantly affect many devices on the Internet.
We generally recommend that you follow the instructions for secure passwords a user receives on the FRITZ interface! Box, for example.“
The loose translation means something like: “Attempted attacks are part of the general danger to life on the Internet.”
This is how you can protect yourself
The AVM offers specific advice on how to protect yourself from “public life risks”. In addition to the usual advice, this includes the most recent Fritzus– Strong and secure software and password, as well as in-depth technical advice. For example, you can use a Diagnostics page in the Fritz menu under “Diagnostics //” safetyInquire about active internet services on FritzBox and turn off unnecessary services. However, if you disable ports or services, you must ensure that you do not need them.