Website driveby attacks on routers are alive and well. Here’s what to do

D-Link’s DI-514 802.11b router. It was a perfectly cromulent router for its time… but those were dark days, friend, dark days indeed. (credit: source unclear, GNU Free Documentation License.)

Website driveby attacks that try to boobytrap visitors’ routers are alive and well, according to antivirus provider Avast, which blocked more than 4.6 million of them in Brazil over a two-month span.

The attacks come from compromised websites or malicious ads that attempt to use cross-site request forgery attacks to change the domain name system settings of visitors’ routers. When successful, the malicious DNS settings redirect targets to websites that spoof Netflix and a host of banks. Over the first half of the year, Avast software detected more than 180,000 routers in Brazil that had hijacked DNS settings, the company reported.

The attacks work when routers use weak administrative passwords and are vulnerable to CSRF attacks. Attackers use the

D-Link agrees to new security monitoring to settle FTC charges

Router and webcam maker D-Link has agreed to implement a new security program to settle charges it failed to safeguard its hardware against well-known and preventable hacks and misrepresented its existing security regimen.

Tuesday’s agreement settles a 2017 complaint by the US Federal Trade Commission that alleged D-Link left thousands of customers open to potentially costly hack attacks. The hardware maker, the FTC said, failed to test its gear against security flaws ranked among the most critical and widespread by the Open Web Application Security Project. The 2017 suit also said that, despite the lack of testing and hardening of its products, D-Link misrepresented its security regimen as reasonable.

Specific shortcomings cited by the FTC included:

33 Linksys router models leak full historic record of every device ever connected

More than 20,000 Linksys wireless routers are regularly leaking full historic records of every device that has ever connected to them, including devices’ unique identifiers, names, and the operating systems they use. The data can be used by snoops or hackers in either targeted or opportunistic attacks.

Independent researcher Troy Mursch said the leak is the result of a persistent flaw in almost three dozen models of Linksys routers. It took about 25 minutes for the Binary Edge search engine of Internet-connected devices to find 21,401 vulnerable devices on Friday. A scan earlier in the week found 25,617. They were leaking a total of 756,565 unique MAC addresses. Exploiting the flaw requires only a few lines of code that harvest every MAC address, device name, and operating system that has ever connected to each of them.

The flaw allows snoops or hackers to
