Sunday, February 18th 2007

Computer routers face hijack risk:

Researchers at both Symantec Corp. and the University of Indiana say routers are at risk of highjacking. The research found that router users are succeptable to hijacking of their hardware through malicious code hiding in specially crafted websites that could change settings on the network devices and begin phishing attacks. These attacks are very dangerous to users an example givin by cbc.ca states, "For example, a person could enter the correct address of their bank's website into their web browser but they would be taken to a fake site designed to steal their banking information." The scary thing is that this particular type of attack works on The on all major consumer routers, including routers made by Linksys, Belkin, Netgear and D-Link, but only after a user on that device visited a specially crafted web page for it to work.Source: cbc.ca
Add your own comment

31 Comments on Computer routers face hijack risk:

#1
WarEagleAU
Bird of Prey
::cringe:: this isnt good news....
Posted on Reply
#2
XooM
thank God, the FSM, and Tom Cruise for Smoothwall :cool:
Posted on Reply
#3
niko084
Cisco 850 FTW! < Maybe I should get one, they do the trick, and are the cheapest of the group.

I have been highly considering setting up another linux machine to act as a router anyways.
Posted on Reply
#4
PyroInc
wouldn't the url be different then. I'd notice something was wrong then
Posted on Reply
#5
Namslas90
Just another reason why I don't/won't use routers. Multiple ISP's is the way to go!!
Posted on Reply
#6
XooM
by: PyroInc
wouldn't the url be different then. I'd notice something was wrong then
no. It could spoof your DNS and redirect any normal URL to any page they wanted, all while looking completely legit.
Posted on Reply
#7
spectre440
this definantly isnt good...

there are way to protect one's PC against these types of things, but how does one protect ones router?
Posted on Reply
#8
ex_reven
by: spectre440
this definantly isnt good...

there are way to protect one's PC against these types of things, but how does one protect ones router?
get a firewall router?
and set it up properly
Posted on Reply
#9
Pinchy
hmm, i hope SMC isnt affected :p
Posted on Reply
#10
Poisonsnak
read the rest of the story at the end of the link:
The researchers cited surveys that showed half of home router users use the default password or no password on the device, and 95 per cent allow their web browsers to use JavaScript code.

"This means 47.5 per cent of all home users … are effectively leaving themselves open to another attack — allowing attackers to circumvent all known anti-phishing countermeasures," the researchers wrote.
These are the same kind of people that don't secure their wireless networks
Posted on Reply
#11
newbielives
I was scared for a minute there lol

by: Poisonsnak
read the rest of the story at the end of the link:



These are the same kind of people that don't secure their wireless networks
Posted on Reply
#12
Alec§taar
by: NamesDontMatter
Researchers at both Symantec Corp. and the University of Indiana say routers are at risk of highjacking. The research found that router users are succeptable to hijacking of their hardware through malicious code hiding in specially crafted websites that could change settings on the network devices and begin phishing attacks. These attacks are very dangerous to users an example givin by cbc.ca states, "For example, a person could enter the correct address of their bank's website into their web browser but they would be taken to a fake site designed to steal their banking information." The scary thing is that this particular type of attack works on The on all major consumer routers, including routers made by Linksys, Belkin, Netgear and D-Link, but only after a user on that device visited a specially crafted web page for it to work.

Source: cbc.ca
Turn off JAVASCRIPT in your browsers & web based apps that use it...

:)

* This is the reason WHY I do so, OR rather, a part of it... & only use it, where you HAVE to. For INTRANET usage, it's decent stuff... but, for the public internet, it definitely has DOWNSIDES!

APK

P.S.=> Webmasters may not LIKE me doing that, but it is a personal choice - I'd like to keep my system solid & secure as is possible! apk
Posted on Reply
#13
Poisonsnak
Well I was more concerned with those who leave the default password on their router but hey I've never liked javascript either.
Posted on Reply
#14
Scavar
After reading this, I decided I would finally turn Javascript off.

My dad is pretty insane when it comes to routers. Who the hell uses the default password? Isn't it like admin for all of them? I mean come on....
Posted on Reply
#15
Pinchy
by: Poisonsnak
read the rest of the story at the end of the link:



These are the same kind of people that don't secure their wireless networks
lol who doesnt use a password :p
Posted on Reply
#16
ex_reven
My router password is set to default :p
i could never really be bothered to change it :roll:

i would of course do so if i was visiting less than ideal websites, but i havnt ventured away from hotmail, tpu, myspace and wikipedia on this computer in the few months ive had it.

il change it later ;)
Posted on Reply
#17
Pinchy
you log onto your internet banking :p!

dont mind me if i sit out the front of your house with my bro's laptop :D
Posted on Reply
#18
ex_reven
you would have no idea how to steal my bank funds kiddo :p
Posted on Reply
#19
Pinchy
make a bet :D?

I already know your router password :p
Posted on Reply
#21
Pinchy
Moral of the story, change ur password
Posted on Reply
#23
Pinchy
no, now i cant wipe your bank account :p
Posted on Reply
#24
xylomn
Just use firefox with the NoScript extension... then you can enable javascript for the sites you need and leave it off for everything else... works a treat :)
Posted on Reply
#25
Easy Rhino
Linux Advocate
something doesnt add up. most people have their routers actually setup as gateways. how do these bad hackers get the gateway to redirect to a fake site when its the NIC in the PC that is making the call to the IP address?
Posted on Reply
Add your own comment