Posted Oct 3, 2012

Back to Blog Index   

4.5 Million Routers Hacked Silently

The Virus Bulletin International Conference (VB2012) has just concluded in Dallas, TX, USA. And we have gotten a few stunning facts and figures from the security experts. Fabio Assolini from Kaspersky Lab has created quite a stir by disclosing that about 4.5 million routers were hacked by Brazilian hackers. Most of the hacked routers were from Brazil though.

The router vulnerability that was used by the hackers was already known for some time (since March 2011) but most of the router vendors were either slow to update the firmware of their routers or had stopped maintaining the router.

The Cybercriminals used two bash scripts and Cross site request forgery (CSRF) attack to change the admin passwords of the compromised routers. Once compromised, the DNS servers of the routers were changed. The hackers created more than 35 DNS servers for this purpose and redirected the compromised routers DNS IPs to those DNS servers. This would give them the opportunity to manipulate the IP to Name binding capability of the DNS Servers.

The worst part of this attack is that the users can’t do anything about it except that they start using their custom DNS server in their local PCs instead of the routers. Or otherwise keep their routers firmware up to date. The later will only work if the router vendor has released a fix for this vulnerability.

The script used by the hackers is public now and can be accessed from the exploit database. You can read more information about this exploit here.

4.5 Million Routers Hacked Silently is a post from: Technize.NET

We Recommend

Windows 8 Anti-Hacking Technology

Piracy has been a huge problem for Microsoft as hackers have hacked and cracked almost all the products of Microsoft especially Microsoft Windows and Microsoft Office. In spite of Microsoft releasing technology after technology in order to counter piracy, the ...

Windows Vista and Windows 7 Kernel Bug Can Bypass UAC

A new vulnerability has been found in User Account Control feature of Windows 7 and Windows Vista. This still unpatched vulnerability could be used by hackers to bypass the UAC feature which was introduced in Windows Vista back in 2007. ...

2 Tools To Turn Windows 7 Into Wifi Hotspot

Wireless Routers or Wireless Access Points have to be used in places where we want to share Internet connection with multiple users wirelessly. But if you don't have a wireless access point but have a wireless enabled computer or laptop ...

Microsoft Security Update April 2012 ISO Image Download [KB913086]

It's the second Tuesday of April, 2012 and as usual Microsoft has released the security updates for its various products. The most important news in April is that the support for Windows XP will end on April 8, 2014. The ...

  Main • Commentary   Special Foci • Syndicated News | Corruption | Socialism | GuanXi

  Health Related • Traditional Chinese Medicine   Others • OXLL

SHORTCUT TO MAIN SECTIONS & ARTICLES Home  •  About this site  •  How did we once fight corruption in colonial Hong Kong?  •  Historical US administrative thoughts  •  USA versus colonial Hong Kong  •  Anti-corruption review of Nigeria  •  Procurement monitoring in Nigeria  •  Syndicated news  •  Usman's blog  •  Anti-graft news  •  Socialist news

Contact the editor at raymond {dot} cheng {at} kellogg {dot} oxon {dot} org

RESERVED SECTION FOR MEMBERS The Rendezvous • Builders • Commentators • Contributors • Readers • Researchers

Reflection Pages • Miscellaneous Stuff • The difference between instant evaluation and improving recognition – November 20 • Freddy Krueger revisited: Politically correct education? – October 23 • From the evaluator's perspective: Justified conclusions and decisions – October 8 • Online and distance-learning degrees from the evaluator's perspective – September 25 • The moment fake degrees turned recognized and appraised – September 9