gfxgfx
 
Please login or register.

Login with username, password and session length
 
gfx gfx
gfx
74991 Posts in 13106 Topics by 2620 Members - Latest Member: dak4482 December 08, 2016, 08:04:43 PM
*
gfx*gfx
gfx
WinMX World :: Forum  |  Discussion  |  WinMx World News  |  Netgear router exploit detected
gfx
gfxgfx
 

Author Topic: Netgear router exploit detected  (Read 373 times)

0 Members and 1 Guest are viewing this topic.

Offline DaBees-Knees

  • WMW Team
  • *****
Netgear router exploit detected
« on: October 11, 2015, 06:47:47 PM »
Quote
A security researcher in the US has said his Netgear router was hacked after attackers exploited a flaw in the machine. Joe Giron told the BBC that he discovered altered admin settings on his personal router on 28 September. The compromised router was hacked to send web browsing data to a malicious internet address.

Netgear says the vulnerability is "serious" but affects fewer than 5,000 devices.

Mr Giron found that the Domain Name System (DNS) settings on his router had been changed to a suspicious IP address. "Normally I set mine to Google's [IP address] and it wasn't that, it was something else," he said. "For two or three days all my DNS traffic was being sent over to them." This means that the attacker could have tracked what websites Mr Giron was visiting, or even redirected him to malicious sites had they chosen to do so.
He has decided to turn off the router and not use it for the time being.

'Serious' bug

The vulnerability itself has been documented by security researchers at Compass Security and Shellshock Labs in recent months.

"Is it serious? Yes it definitely is," said Jonathan Wu, senior director of product management at Netgear, one of the top three router brands in the US. "Because whenever anybody gets access to your router, they can alter settings to direct traffic to places you don't want it to go to."

The vulnerability allows attackers to gain access to the router settings without needing to provide login credentials, according to security researchers Daniel Haake and Alexandre Herzog of Compass Security in Switzerland.

Mr Giron thinks that in his case, access was gained remotely because his router settings had been configured so that they could be accessed from outside his network.

Imminent patch

While a patch has not been available for the firmware on the affected devices to date, Netgear has confirmed to the BBC that one will be released on 14 October. Mr Wu said that Netgear router owners would be prompted to update their firmware if they logged into their router's admin settings or if they had the Netgear genie app installed on their computer, tablet or smartphone. It's problematic that firmware updates can't be automatically "pushed" to routers, according to Mark James, IT security specialist at Eset. "The average user will throw the router in place and just use it," he told the BBC. "The biggest problem that we have with these types of scenarios are people don't keep the software up-to-date." What's more, anti-virus software for computers doesn't generally cover vulnerabilities on routers meaning that it would not detect such problems.

Offline White Stripes

  • Core
  • *****
  • ***
  • Je suis aimé
Re: Netgear router exploit detected
« Reply #1 on: October 11, 2015, 07:48:46 PM »
Quote
It's problematic that firmware updates can't be automatically "pushed" to routers, according to Mark James,

my cable company pushes updates to the router/modem combo we purchased from them ... is this not a common thing?

Offline Pri

  • MX Hosts
  • *****
  • *****
Re: Netgear router exploit detected
« Reply #2 on: October 27, 2015, 08:24:50 AM »
It's common with the combo devices from ISP's. My ISP also does the automatic updating with their combo modem-router.

What we need is an Android like software model for routers that manufacturers will actually embrace. I thought we'd finally gotten somewhere when some manufacturers began selling routers that came with DD-WRT pre-installed but it faded away and they've all gone back to custom designs.

WinMX World :: Forum  |  Discussion  |  WinMx World News  |  Netgear router exploit detected
 

gfxgfx
gfx
©2005-2016 WinMXWorld.com. All rights reserved.
SMF 2.0.12 | SMF © 2016, Simple Machines
Page created in 0.047 seconds with 24 queries.
Helios Multi © Bloc
gfx
Powered by MySQL Powered by PHP Valid XHTML 1.0! Valid CSS!