
Juniper Networks Warns of Mirai Malware Threat to Routers with Default Passwords

 

Juniper Networks has issued a warning about a vulnerability in its Session Smart Routers, emphasizing the risk of Mirai malware infection if factory-set passwords are not changed.

Starting December 11, the company began receiving reports from customers about "suspicious behavior" on their devices. Upon investigation, Juniper identified a common factor: users had not updated the default login credentials.

A specific variant of the Mirai malware has been scanning for these routers, exploiting the unchanged passwords to infiltrate systems. Once infected, the devices were reportedly "subsequently used as a DDoS attack source" to bombard websites with excessive traffic. However, Juniper did not disclose the number of devices affected or the locations of the attacks.

According to Juniper, Mirai is capable of executing "a wide range of malicious activities" beyond DDoS attacks. Past cases have revealed its involvement in spreading cryptominers and enabling "click fraud" schemes that manipulate online advertising metrics.

To safeguard their devices, Juniper advises Session Smart Router users to implement strong, unique passwords immediately and to stay vigilant for unusual network activity. Signs to monitor include unexpected port scans, increased login attempts, and surges in outbound traffic.

"If a system is found to be infected, the only certain way of stopping the threat is by reimaging the system as it cannot be determined exactly what might have been changed or obtained from the device," the advisory states.

Juniper also notes that Mirai commonly targets connected devices like routers and cameras, often exploiting software vulnerabilities to spread. Using default credentials further simplifies the intrusion process, making it crucial to update them.
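The three warning signs Juniper lists above (unexpected port scans, increased login attempts, surges in outbound traffic) can be checked against connection records. The sketch below is an added example, not code from Juniper or from the original post; the record layout, the addresses (documentation ranges), and the thresholds are assumptions chosen for illustration.

```python
from collections import defaultdict
from statistics import median

ROUTER = "192.0.2.1"   # assumed router address (documentation range)
SCAN_PORTS = 5         # distinct router ports tried by one source => port scan
FAIL_LOGINS = 4        # failed logins from one source => password guessing
SURGE_FACTOR = 10      # one minute's outbound volume vs. the median minute

def make_sample():
    """Constructed records: (minute, src, dst, dst_port, bytes, event)."""
    # Normal outbound traffic from the router, one flow per minute
    rows = [(m, ROUTER, "198.51.100.7", 443, 2_000, "conn") for m in range(6)]
    # One host probing six different ports on the router
    rows += [(1, "203.0.113.9", ROUTER, p, 60, "conn")
             for p in (21, 22, 23, 80, 443, 8080)]
    # Repeated failed management logins from the same host
    rows += [(2, "203.0.113.9", ROUTER, 22, 120, "login_fail")] * 5
    # A single failed login from another host (benign typo)
    rows += [(3, "192.0.2.50", ROUTER, 22, 120, "login_fail")]
    # Burst of outbound traffic originating from the router
    rows += [(6, ROUTER, "198.51.100.99", 80, 900_000, "conn")]
    return rows

def analyze(rows):
    ports = defaultdict(set)      # source -> router ports it contacted
    fails = defaultdict(int)      # source -> failed login count
    out_bytes = defaultdict(int)  # minute -> bytes sent by the router
    for minute, src, dst, port, nbytes, event in rows:
        if dst == ROUTER:
            ports[src].add(port)
            if event == "login_fail":
                fails[src] += 1
        elif src == ROUTER:
            out_bytes[minute] += nbytes
    baseline = median(out_bytes.values()) if out_bytes else 0
    return {
        "port_scan": sorted(s for s, p in ports.items() if len(p) >= SCAN_PORTS),
        "login_guessing": sorted(s for s, n in fails.items() if n >= FAIL_LOGINS),
        "outbound_surge": sorted(m for m, b in out_bytes.items()
                                 if baseline and b >= SURGE_FACTOR * baseline),
    }

if __name__ == "__main__":
    for sign, hits in analyze(make_sample()).items():
        print(f"{sign}: {hits}")
```

Comparing each minute against the median keeps a single burst from inflating its own baseline, which a mean would do.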

Wi-Fi Routers with Default Passwords are Vulnerable to Attacks

 

Cybersecurity researchers have advised users to change the manufacturer’s default access credentials on their home Wi-Fi routers to minimize the risk of being compromised.

One in 16 home Wi-Fi routers still uses the manufacturer’s default administrator passwords, a recent survey conducted by tech website Comparitech revealed. This vulnerability could allow threat actors to carry out all kinds of cyberattacks, including router hijacking and victim eavesdropping. 

“These routers, which number in the tens of thousands, can be remotely found and attacked using publicly available passwords, granting malicious hackers access to the victim’s home network,” reads the study. Researchers at Comparitech examined the 12 most popular home Wi-Fi router models sold on Amazon.

To test these devices, the researchers used an automated script to scan the web for these routers and log in to the router’s management dashboard using the manufacturer’s default password. Of the total of 9,927 routers tested, 635 were found to be susceptible to default password attacks. 

The findings of the team’s investigation seemed to indicate that some of the routers could have been more persistent in prompting users to change the manufacturer’s default password upon first setting up the device. 

The AsusRT and MikroTik routers could not be accessed at all despite hundreds of tests, indicating they require users to change their default passwords before an internet connection is allowed through. Meanwhile, other routers didn’t fare as well. 

“On the other end of the spectrum, roughly one in six ZTE ZXV10, XFinity, and NetGear Ethernet Plus Switch routers were found to be vulnerable to default password attacks unless the default admin password is changed,” said Comparitech.

A router with default access credentials can give the threat actor a foothold on your home network and even the devices connected to it. Once a cybercriminal has a foot in the door, they can use that access to monitor the behavior of devices connected to the router, the websites being browsed, and unencrypted data sent over the network.

In addition, an attacker could use the router as a proxy to download pirated content, visit illicit sites, or access illegal material. You could be suspected of or held liable for these activities. To mitigate the risk, users are advised to change the router’s default admin password when first setting up the device.