Recently I've read about viruses and worms that attack routers and do some nasty things, incl. DNS changes etc. In the beginning, I just read that some people have issues that their DNS server address being substituted for something fake and evil. To me it didn't make sense, 'cos normally only me and my ISP would have access to the router's admin panel. Then I heard that there's a primitive web server operating in the router and that way we get to see web interface of the device's admin panel. And those viruses and worms use the inner server's vulnerabilities. So from what I understood (correct me if I'm wrong here), it's not some hacker sitting somewhere and seeing my login window. Also I read that those types of attacks are pretty rare due to the fact that the virus must be written specifically for a certain type of a device. Frankly, I feel bad that such an experienced person like me when it comes to computers wasn't even aware of all that. I just happened to read couple of articles recently and they brought my attention to the matter. So I wanted to hear your comments, suggestions and corrections. Is there something else I should know when it comes to the risks as far as routers are concerned? Here I'm not asking about a remedy. Just want to know the dangers.
1 Answers
There are lots of vulnerable routers out there which can be easily be hacked. A typical attack exploits that there is no or a known password for the administrative interface or that the user is logged into the router or that some critical pages on the router can be accessed without authorization. The attack itself then can be executed just visiting a web site, where silently a CSRF request to your router, maybe through some advertisement. This is far from new or rare, see this report) about hacking of millions of routers in brazil 3 years ago.
Other attacks exploit the problem that some routers have the administrative interface open to the internet or that the router has backdoors usable from the internet.
For more information see also routersecurity.org.
- 184,332
- 29
- 363
- 424