
Vodafone will get you hacked [MUST READ]


Security is very important: it protects you and your personal information against aggressive and unwanted users. But did you know that if you are using Vodafone, you are just waiting to get hacked?!

Well, at least if you are using the “Vodafone Huawei Home Gateway HG659”. Vodafone uses this gateway to connect its users to the internet. Vodafone in the Netherlands uses the HG659 Huawei gateway, and this particular gateway does not allow users to disable the external admin login option, which allows administrators and cybercriminals to log in to the admin section of the HG659 gateway.


Now you might wonder, what is the big deal?

Well, the big deal is that not a lot of people are aware of this. This means that a lot of these devices are secured by a default password which the ISP provider holds (see screenshot, they claim they need this option to provide “support”).

Vodafone support response

These default passwords are often easily brute-forced by cybercriminals and hackers. Now just imagine that all the Vodafone clients using the HG659 gateway became victims of ransomware. That is a terrible scenario, isn’t it?!


The cybercriminals would be able to modify the DNS settings in the gateway. DNS acts like a contact book for computers, and hackers are able to change the address of for example to their own malicious website. The website would load malicious files onto the unaware user's device, and the hacker would be able to gain full control over the device. This would allow him to enable the microphone or webcam, or to download malware such as ransomware and force the user to pay a specific amount of money.
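One way to notice this kind of DNS tampering from inside your own network, as an added example that is not part of the original article: compare the addresses your gateway's resolver returns with answers collected through a resolver you trust. The function name, the severity labels, the hostnames and the addresses are all constructed for illustration, and the "one address for several names" rule is a heuristic, not proof.

```python
from collections import Counter


def audit_dns_answers(via_gateway, via_reference):
    """Compare A records seen through the home gateway with reference answers.

    Both arguments map hostname -> set of IP strings (collected beforehand,
    for example with dig). Returns a list of (hostname, severity, reason)
    tuples; an empty list means nothing stood out.
    """
    findings = []
    # How many distinct hostnames does each gateway-side address answer for?
    ip_use = Counter(ip for ips in via_gateway.values() for ip in set(ips))
    for host in sorted(via_reference):
        ref = set(via_reference[host])
        got = set(via_gateway.get(host, ()))
        if not got:
            findings.append((host, "info", "no answer via gateway"))
            continue
        if got & ref:
            continue  # at least one address matches the reference
        # Disjoint answers alone can be a CDN effect. One address answering
        # for several names that the reference keeps apart is a stronger
        # sign that the resolver configured in the gateway was replaced.
        shared = sorted(ip for ip in got if ip_use[ip] > 1)
        if shared:
            reason = "shares %s with other names" % shared[0]
            findings.append((host, "high", reason))
        else:
            findings.append((host, "review", "answers differ from reference"))
    return findings


# Constructed sample data (documentation address ranges, not real hosts).
REFERENCE = {
    "bank.example": {"192.0.2.10"},
    "mail.example": {"198.51.100.20"},
    "news.example": {"198.51.100.30", "198.51.100.31"},
    "shop.example": {"192.0.2.40"},
}
GATEWAY = {
    "bank.example": {"203.0.113.66"},
    "mail.example": {"203.0.113.66"},
    "news.example": {"198.51.100.31"},
    "shop.example": {"192.0.2.41"},
}

if __name__ == "__main__":
    for finding in audit_dns_answers(GATEWAY, REFERENCE):
        print(finding)
```

A "review" finding only means the two answer sets do not overlap, which also happens with load-balanced sites, so check the DNS servers configured in the gateway before drawing conclusions.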

Reverse DNS lookup

Now it gets even worse. I was able to perform a reverse DNS lookup on the network of Vodafone, and the information showed me that there are hundreds of HG659 gateways that are simply showing up the admin login interface. The HG659 gateway is actively being implemented by the Dutch Vodafone company. They are providing this gateway in their “Vodafone Thuis (home)” package.

What can you do

If you are a client of Vodafone and you are using the HG659 Gateway, which does not offer the option to disable the external admin login interface, then I strongly urge you to secure your HG659 Gateway with a strong password which contains at least 12 characters. You could use a phrase or a sentence to protect your gateway. Something like “IloveThe!nt3rn3t” would work perfectly!

The next step which you should take is to inform your Vodafone ISP provider about this option, and ask them if they will include a firmware update which will allow you to change the external admin login interface.


Reza Rafati

The Netherlands
