Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

"Millions" Of Home Routers Vulnerable To Web Hack


  • Please log in to reply
9 replies to this topic

#1 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:03:16 AM

Posted 14 July 2010 - 12:20 AM

http://blogs.forbes....le-to-web-hack/

The upcoming Black Hat security conference in Las Vegas offers an annual parade of security researchers revealing new ways to break various elements of the Internet. But few of the talks have titles quite as alarming as one on this year's schedule: "How to Hack Millions of Routers."

Craig Heffner, a researcher with Maryland-based security consultancy Seismic, plans to release a software tool at the conference later this month that he says could be used on about half the existing models of home routers, including most Linksys, Dell, and Verizon Fios or DSL versions. Users who connect to the Internet through those devices and are tricked into visiting a page that an attacker has set up with Heffner's exploit could have their router hijacked and used to steal information or redirect the user's browsing.


Edited to comply with fair use rules. ~ OB

Edited by Orange Blossom, 18 July 2010 - 06:22 PM.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


BC AdBot (Login to Remove)

 


#2 Layback Bear

Layback Bear

  • Members
  • 1,880 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Northern Ohio
  • Local time:05:16 AM

Posted 16 July 2010 - 11:38 AM

Thanks Broni it's another bad thing to watch for. I have read all of it and I have some question I hope you can help me with. Maybe I just missed it. 1: Are systems with out routers just DSL modems have to worry about these attacks. 2: Is there a way that one can scan the routers and/or modems for such attacks.

#3 Broni

Broni

    The Coolest BC Computer

  • Topic Starter

  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:03:16 AM

Posted 16 July 2010 - 11:56 AM

1. Actually, system WITH routers are safer, because routers provide an extra layer of protection - hardware firewall.
2. I'm not aware of such tool, but maybe some malware person will provide more info. Security flaws happen...

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#4 samuel3

samuel3

  • Members
  • 2,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:16 AM

Posted 16 July 2010 - 12:56 PM

Could this be why im disconnecting all the time...?

#5 Layback Bear

Layback Bear

  • Members
  • 1,880 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Northern Ohio
  • Local time:05:16 AM

Posted 18 July 2010 - 07:44 AM

Thanks for your reply Broni. have a nice day.

#6 Broni

Broni

    The Coolest BC Computer

  • Topic Starter

  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:03:16 AM

Posted 18 July 2010 - 12:10 PM

Sure thing :thumbsup:

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#7 jdbaker82

jdbaker82

  • Members
  • 103 posts
  • OFFLINE
  •  
  • Local time:06:16 AM

Posted 21 July 2010 - 12:00 AM

Actually you can prevent this from happening just by changing the default routers password which is usually admin or password that's how the routers are being accessed in the first place.

#8 nqzdepofltr

nqzdepofltr

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:06:16 AM

Posted 11 August 2010 - 09:36 AM

People who are infected with Kido and have routers should worry about this even more.
It dictionary attacks the router against a list of default credentials then hijacks dns settings.
So even if you get rid of Kido you may find that you are still blocked from security sites.

#9 T Simon

T Simon

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Location:USA
  • Local time:06:16 AM

Posted 20 September 2010 - 04:57 AM

There are routers available which encrypt the entire network that uses it. Has anyone heard about these/ have one they're happy with?

#10 Andrew

Andrew

    Bleepin' Night Watchman


  • Moderator
  • 8,260 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Right behind you
  • Local time:03:16 AM

Posted 20 September 2010 - 07:45 PM

This is yet another attack vector that is neutralized by disabling javascript. NoScript FTW!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users