Millions of Home Routers Will Soon Be Hacked

[NoGooD]

I found this on Toms Hardware and also posted a link to Forbes which has a list of routers to which the exploit has been tested on.

 

For those intrested, take a minute to read it and/or at least look at the list on Forbes.com Link to Forbes to see if your router is vulnerable.

 

Millions of Home Routers Will Soon Be Hacked

3:50 PM - July 21' date=' 2010 - By Kevin Parrish - Source : Tom's Guide US

 

A researcher plans to launch a hacking tool that will break into millions of home networks. Oh, and have a nice day while you're at it.']Now here's something to be worried about: according to report first published by Forbes, a researcher from Maryland-based security consultancy Seismic plans to release a software tool that will hack into millions of routers used on home networks. The tool is expected to be made available during the upcoming Black Hat security conference in Las Vegas, and will have the ability to hack into routers manufactured by Linksys, Dell, Verizon (Fios, DSL) and more.

 

Apparently the tool uses a variation on a technique known as "DNS rebinding." It takes advantage of an age-old problem with the DNS system where websites balance traffic by offloading visitors to additional IP addresses. "There have been plenty of patches over the years, but this still hasn't really been fixed," said Craig Heffner, the researcher behind the hacking tool.

 

Heffner's tool works something like this: web surfers are tricked into visiting a website that contains special script--this script changes the DNS of the website and instead uses the DNS of the visitor, granting the hacker access the user's home network. The hacker could then hijack the browser and access the router's settings.

 

Current browsers have safeguards the prevent hackers from performing the DNS rebinding trick. However Heffner has found a way around those roadblocks, and apparently it wasn't a difficult task. "The way that [those patches] are circumvented is actually fairly well known," Heffner said. "It just hasn't been put together like this before."

 

Could your router be one of the models susceptible to Heffner's attack? Find out by locating your model on this list. Out of 30 models he tested, Heiffner said that about half were vulnerable.

 

The good news here is that his method of attack requires the hacker to compromise the victim's router after gaining access to the home network. One of the best ways to keep hackers out of the router is to change the default login password, and keep the firmware up-to-date.

 

Still, why make this hacking tool available for the public? Why would any "researcher" put millions of users at risk of hijacking and data theft? Simple. To draw attention and (finally) get the problem fixed.

 

"I’m not the first to give a Black Hat talk on DNS rebinding, and I won’t be last," he said. "Everyone has had ample time to fix this."

[PHANTASM]

There are endless exploits with every piece of software ever written, if someone wants to put forth the time and effort to uncover them. So, this guy is just a jerk, and should be prosecuted as an accomplice for every illegal intrusion that results from releasing this intrusion tool.

 

You know, you could go up to a gas station, buy a gallon of gas, and pour it on someone and set them on fire. That's an exploit. And the authorities have known about this security loophole (I'm being sarcastic) ever since gasoline was invented. But if you do it you would go to jail for decades. Same principle.

[NoGooD]

There are endless exploits with every piece of software ever written, if someone wants to put forth the time and effort to uncover them. So, this guy is just a jerk, and should be prosecuted as an accomplice for every illegal intrusion that results from releasing this intrusion tool.

 

You know, you could go up to a gas station, buy a gallon of gas, and pour it on someone and set them on fire. That's an exploit. And the authorities have known about this security loophole (I'm being sarcastic) ever since gasoline was invented. But if you do it you would go to jail for decades. Same principle.

 

So I take it your router was on the list of hackable routers? lol.

 

I have no opinion either way. True my router was on the "unsuccessful" list, but that has nothing to do with it.

 

While I agree with you that the gentlemen releasing the exploit is somewhat of a douche for doing so, this problem has been around for years and manipulated several times already. I can also see the point the guy is trying to make that the companies producing the hardware should have resolved this problem long before now. I'm just not sure he's going about it the right way.

 

Hell, I'm not even in that industry and I've heard ranting on different newsboards, white papers, etc for some time. At some point I would think that with the kinds of talent companies like cisco, dlink, etc employ it would be possible to get a more air tight lockdown on their hardware/firmware.

 

In retrospect though, perhaps they were waiting for something like this to happen to use as a marketing ploy for the 2011 line of hardware. "Now with SECURE DNS features"

[gaoesa]

A well known exploit that is fixable if the manufacturers would put some effort to it (the test failed in about half of the machines). Shouldn't the bug be fixed because it's illegal or anyone using this exploit would be an ahole.

 

These types of exploits can be used in a very safe manner compared to pouring gasoline over someones head. I don't think it is a valid reason for the manufacturers to not fix the problem just because only the bad people know about this and not the public.

 

He is telling about the release beforehand and in that way, he's giving the manufacturers time to respond to this before it is released. Of course, manufacturers can always claim that the problem only exists because someone is going to make a public release of a tool that exploits the problem instead of using it for his own benefit.

 

I'm not exactly saying that these kind of tools should be released but on the other hand, if only the wrong people know about these and manufacturers aren't interested, what else can be done.

[Timberwolf]

Well if you can hack into my router Good luck. Maybe it will work better for you Thne it is for me ..Hell if you get into it I know my cable company is looking to hire someone like you ..The morons i keep getting ask me if my computer is turned on

 

As for that Tom guy ..he made a review on my computer not long ago ..way off ..not a gaming computer unable to upgrade Blah blah blah even made a comment of 1 screen only use

 

Well my video of my comp says diffrent :

 

http://www.youtube.com/watch?v=XyBCDIrE9Uc

[G!NG3R420]

Changing the default login should always be a must. Is there any information reguarding access point security. I mean what would a user find more secure; A Hex Decimal passcode with 1 or multiple keys or a Pass phrase reaching more towards the max of 32 char than the min of 8? If I'm mistaken that they are not breaching the access point first and going straight to the primary router ip and hacking it that way, How would one make sure that the default IP of the router be safe and secure without changing the primary IP and causing problems for the average user that has no understanding of the more advanced router settings?