Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Router Exploit?


  • Please log in to reply
2 replies to this topic

#1 Goin2Dover

Goin2Dover

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:22 PM

Posted 20 April 2018 - 07:47 AM

I had a customer bring in a 1 day old system be bought on April 19.

He complained after being connected to the Internet for awhile "and browsing e-bay" he got a pop-up which blocked Internet access and demanded he enter his Username/PW to reconnect to the router (which he entered) as well as the more familiar 800 number for "help".

Is this a signature of a new router exploit that seems to have hit the news? I formatted and reloaded Windows as a precaution.

Thanks in advance for any replies.

(I advised customer to contact his ISP for instructions to change router P/W).

 

An aside but the radio is going nuts in Philadelphia with Comcast commercials that state it's now so easy to change your router password to something easy to remember. Isn't this a recipe for disaster for brute force dictionary attacks? 


Edited by Goin2Dover, 20 April 2018 - 07:49 AM.


BC AdBot (Login to Remove)

 


#2 Vectron

Vectron

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:22 AM

Posted 24 April 2018 - 10:02 AM

Popup which blocked internet access? I'm not sure about Comcast, but if it happened to me I'd assume it's probably some malicious phishing javascript running in the browser or perhaps the computer is infected with malware. I reckon the ISP's don't need to ask for passwords to access their own hardware, but I usually suggest it's best to buy a separate device for the router/gateway and have the ISP supplied device act just as a passive modem.

#3 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 9,327 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:10:22 PM

Posted 24 April 2018 - 11:07 AM

I had a customer bring in a 1 day old system be bought on April 19.

He complained after being connected to the Internet for awhile "and browsing e-bay" he got a pop-up which blocked Internet access and demanded he enter his Username/PW to reconnect to the router (which he entered) as well as the more familiar 800 number for "help".

Is this a signature of a new router exploit that seems to have hit the news? I formatted and reloaded Windows as a precaution.

Thanks in advance for any replies.

(I advised customer to contact his ISP for instructions to change router P/W).

 

An aside but the radio is going nuts in Philadelphia with Comcast commercials that state it's now so easy to change your router password to something easy to remember. Isn't this a recipe for disaster for brute force dictionary attacks? 

 

I can't say what went on as far as the pop-up, etc., without having actually seen what came up, but it sounds like a conventional phishing expedition variant to me.

 

As to changing your modem-router password to something easier to remember, that's something I encourage all my clients to do.  The probability of any given home user's modem-router being targeted by a brute force dictionary attack is really, really low.  If you encourage them to use something that's very easy for them to remember, but very hard to generally guess, and that's at least as long as the original password they should be fine.  I always encourage folks to use what I call the "Portmanteau Method" of creating a memorable password.  Combine several elements from your life that include numbers (e.g. the house number of the first address you had as a child or as an adult), letters (like the name of your favorite pet, long dead now, and that uses a capital letter, or a combination of the first name of your maternal grandfather and first name of your paternal Grandmother), and at least one special character.  I tend to tell folks to pick a consistent position for the number component and special character component in all their generated passwords, as that makes them easier to mentally reconstruct when you need to.

 

I have yet to see a password of that style compromised.


Brian  AKA  Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1809, Build 17763 

     Presenting the willfully ignorant with facts is the very definition of casting pearls before swine.

             ~ Brian Vogel

 

 

 

              

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users