Routers with Default Settings are Targeted
https://sp-security.blogspot.com/2015/04/routers-with-default-settings-are.html
Once
again, Internet users are warned to make sure that their Wi-Fi routers
have unique passwords. Security experts are never tired of repeating
that manta, as email spammers have been noticed sending out phishing
links again. Those links are trying to hijack the devices with default
passwords and steal personal data from their victims.
Usually, phishing emails try to force the user to click a link designed in such a way that it could log the spammer into a home router – this can be a successful attempt if the router has default security settings and a known password. After doing so, the attackers can eavesdrop on communications by altering the router’s settings to pass all traffic to them.
New attacks primarily targeted Brazilian Internet users with emails that were made to look like an alert about an unpaid bill from a local largest ISP. Instead, the email carried a link designed to hack that same ISP’s router equipment. However, the experts are confident that this attack won’t remain in Brazil but spread further.
It is known that today many routers are sold with a unique password, which protects their users against this type of attack. However, older routers were most often sold with standard settings like “admin” and “password”. So, hacked routers are now a popular tool for online mischief: for example, the Lizard Squad hacking group also used a network of hacked routers to carry out a DDoS attack against Sony and Microsoft over the Christmas period.
Anyway, even if the Wi-Fi router has a unique password, Internet users should still be careful about clicking any email links they see. Although the above mentioned attack in Brazil used vulnerability in the ISP’s equipment to enter the default credentials, other vulnerabilities may not require that much information.
By:
SaM
Usually, phishing emails try to force the user to click a link designed in such a way that it could log the spammer into a home router – this can be a successful attempt if the router has default security settings and a known password. After doing so, the attackers can eavesdrop on communications by altering the router’s settings to pass all traffic to them.
New attacks primarily targeted Brazilian Internet users with emails that were made to look like an alert about an unpaid bill from a local largest ISP. Instead, the email carried a link designed to hack that same ISP’s router equipment. However, the experts are confident that this attack won’t remain in Brazil but spread further.
It is known that today many routers are sold with a unique password, which protects their users against this type of attack. However, older routers were most often sold with standard settings like “admin” and “password”. So, hacked routers are now a popular tool for online mischief: for example, the Lizard Squad hacking group also used a network of hacked routers to carry out a DDoS attack against Sony and Microsoft over the Christmas period.
Anyway, even if the Wi-Fi router has a unique password, Internet users should still be careful about clicking any email links they see. Although the above mentioned attack in Brazil used vulnerability in the ISP’s equipment to enter the default credentials, other vulnerabilities may not require that much information.
By:
SaM