Security failings in home routers exposed

Home router security flaws are being actively exploited, but malicious attacks are currently rare

Serious security failings in home routers are getting more attention from both attackers and researchers.

In recent weeks, attacks have been mounted on Linksys and Asus routers via loopholes that thieves could exploit.

In Poland, reports suggest one gang has successfully adjusted router settings in a bid to steal cash.

A separate study found many of the routers sold online have bugs that attackers could easily exploit.

This week the Internet Storm Center (ISC) warned about a continuing attempt to exploit a vulnerability in 23 separate models of Linksys routers.

The virus, a self-replicating program or worm called The Moon, takes control of the router and then uses it to scan for other vulnerable systems.

So far, wrote ISC researcher Johannes Ullrich, it is not clear why the routers are being compromised and what might be done with them. There are hints in the exploit code that the routers will at some point be gathered together into a network of compromised machines, he said in a blog post. Currently, he added, all the worm was doing was spreading to other Linksys routers.

Benevolent hacking

In a statement, Linksys said it was aware of the Moon malware and said it took hold on hardware only if a Remote Management Access feature was turned on. Turning the router off and disabling the remote management system should clear out the worm, it added.

Linksys has also published technical advice about how to update the core software for vulnerable routers and how to turn off the remote management feature.

Polish cyberthieves targeted home routers to aid bank thefts

Earlier this month, many users of Asus routers who remotely connect via the gadget to hard drives in their homes, perhaps to watch DVDs they have ripped, found that someone had used the same feature to upload a text file urging them to do more to make the device safe.

The letter is thought to have been left on the hard drives by benevolent hackers who exploited a loophole on the Asus routers first discovered in mid-2013. Ten separate models of Asus router are believed to be vulnerable to the same exploit.

Asus released a software update last week to close the loophole.

The two incidents come soon after Poland's Computer Emergency Response Team reported a large-scale attack on home routers by thieves seeking log-in names and passwords for online bank accounts. That attack infected vulnerable routers with software that snooped on traffic before passing it on to the bank sites people were trying to reach.

A separate study by security firm Tripwire has found that 80% of the 25 best-selling routers available on Amazon are vulnerable to compromise.

Security researcher Craig Young from Tripwire said exploits had been publicly discussed and published for more than one-third of these devices.

The past 12 months have seen a flurry of interest in routers by security researchers keen to find bugs and loopholes. One project detailing their findings now lists hundreds of exploits for routers from 36 separate manufacturers.

"In recent years, the computing power of the average home router has increased substantially to support features like streaming media and file or print sharing," said Mr Young. "These additional features offer new attack surface while the additional computing power creates new possibilities for what an attacker can do with a compromised device."
