Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Wi-Fi Router. Show all posts

Wi-Fi Routers with Default Passwords are Vulnerable to Attacks

 

Cybersecurity researchers have advised the users to change the manufacturer’s default access credentials of their Wi-Fi home router to minimize the risk of being compromised. 

One in 16 home Wi-Fi routers still uses the manufacturer’s default administrator passwords, a recent survey conducted by tech website Comparitech revealed. This vulnerability could allow threat actors to carry out all kinds of cyberattacks, including router hijacking and victim eavesdropping. 

“These routers, which number in the tens of thousands, can be remotely found and attacked using publicly available passwords, granting malicious hackers’ access to the victim’s home network,” reads the study. Researchers at Comparitech examined the 12 most popular home Wi-Fi router models sold on Amazon.

To test these devices, the researchers used an automated script to scan the web for these routers and log in to the router’s management dashboard using the manufacturer’s default password. Of the total of 9,927 routers tested, 635 were found to be susceptible to default password attacks. 

The findings of the team’s investigation seemed to indicate that some of the routers could have been more persistent in prompting users to change the manufacturer’s default password upon first setting up the device. 

The AsusRT and MikroTik routers could not be accessed at all despite hundreds of tests, indicating they require users to change their default passwords before an internet connection is allowed through. Meanwhile, other routers didn’t fare as well. 

“On the other end of the spectrum, roughly one in six ZTE ZXV10, XFinity, and NetGear Ethernet Plus Switch routers were found to be vulnerable to default password attacks unless the default admin password is changed,” said Comparitech.

A router with default access credentials can give the threat actor a foothold on your home network and even the devices connected to it. When a cybercriminal steps into the door, he uses access to monitor the behavior of devices connected to the router, the websites he is browsing, and unencrypted data sent over the network. 

In addition, an attacker could use the router as a proxy to download pirated content, visit illicit sites, or access illegal material. You could be suspected of or held liable for these activities. To mitigate the risk users are advised to change the router’s default admin password upon first setting the device.

Your home wi-fi isn't safe: Hackers know router trick to access bank accounts, card details

Next time when you connect smartphone or a laptop to relatively secure home Wi-Fi, you might actually be surprised how easy it is to hack into your home Wi-Fi network, courtesy that router installed by your Internet Service Provider (ISP). A small vulnerability in the home Wi-Fi network can give a criminal access to almost all the devices that access that Wi-Fi. This could spell trouble for bank accounts, credit card details, child safety and a whole lot of other concerns.

Trouble could come in the form of a neighbourhood kid who piggybacks on your Internet service. While he plays video games online and talks to his friends over VOIP (Internet-based) telephone service, your Internet service may become sluggish.

But an unsecured home wireless system can also be used to commit crime.

According to the US Department of Justice, law enforcement officers will come knocking on your door if someone uses your Internet connection to upload or download child pornography.

And the bad guys don't have to live next door. Powerful Wi-Fi antennas can pull in a home network's signal from as far away as over 4 kms.

According to Finnish cyber security firm F-Secure, for very little money, a hacker can rent a Cloud-enabled computer and guess your network's password in minutes by brute force or using the powerful computer to try many combinations of your password.

The US Computer Emergency Readiness Team (US-CERT) recently issued an alert about Russia-sponsored hackers carrying out attacks against a large number of home routers in the U.S.

According to Sanjay Katkar, Joint Managing Director and CTO, Quick Heal Technologies, cyber criminals are known to exploit vulnerabilities in home Wi-Fi routers by delivering a payload.

"Once infected with the malware, the router can perform various malicious activities like redirecting the user to fake websites when visiting banking or other e-commerce sites," Katkar told IANS recently.

Your Internet Connection is most likely “hacked”; Experts say so


In case you're utilizing a Wi-Fi connection in your home, you would be very astonished to realize that your web connection is most likely 'hacked', but t real question is by whom, and what for...?

Saravanan K, a Bengaluru-based specialist working on security answers for organizations probably knows best as per him, a great many people who aren't well aware of the dangers lurking deep in the technical world don't change the default equipment and the default settings, which in itself is a serious issue.

Its biggest example being the surveillance cameras where people will in general leave the usernames and passwords at the manufacturer setting, and after that any other person who cognizes the IP address can sign into them over the Web. The equivalent is frequently valid with Wi-Fi routers, as there are numerous individuals who do not comprehend them by any means.

In a study, by the Chinese cyber security analysts Netlab 360 demonstrated that India has indeed the most home routers tainted by BCMPUPnP_Hunter. This malware has made a botnet with more than 100, 00 routers and uses it to send incalculable spam messages. China and the USA both have a high number of tainted devices, yet the number in India is evidently just about a multiple times higher.

 “They're basically using your home as a base of operations to attack other people. So they don't want to take down your computer nor do anything else that will get them noticed, they want you to stay online an active," explains Saravanan.

"This is actually a big problem for the home users.” Adding further he says, “What's happening is that your Internet bandwidth is being consumed, so your streaming might seem slow, or your data limit might be hit sooner than expected, costing you real money, and apart from that, the other downside is that attacks like credential stuffing are being powered by your network, and that's going to hurt other consumers like yourself."

The darker the colour, the more number of infected devices.

But there's only much that an average user can do to remain safe and the only possible path through which they can secure themselves as pointed out via a research from IBM is by purchasing new hardware.

Anyway it's as yet imperative to realize that these sorts of botnets are developing and spreading fast, and will influence the other gadgets as well, where the effect can be significantly more dangerous. The progressions caused make the attacks by these botnets a lot harder to distinguish by users, and subsequently prompting the expansion in these issues after some time.