Security firm finds 300,000 home routers hacked

March 4, 2014 by Bob Yirka report

( —Nonprofit American security firm Team Cymru (Celtic world for Wales) has announced that they have uncovered a hacking scheme that has impacted at least 300,000 routers used by people in their homes. Reps for the firm say that while the hack appears ominous, there is no evidence as yet to suggest that the hack was used for whatever purpose it was designed.

Hacker attacks on home generally take two approaches, though both rely on the same strategy—namely, accessing the router and changing a table to redirect domain name server (DNS) queries. DNS servers are the machines that convert native language web names, to IP addresses. What this means, for example, is that a user accessing a compromised router might use the link on their browser's "favorites" bar, to access their . But instead of being routed to their bank, they are instead routed to a web page on a fake server that looks just like the real one. When the user types in their login information, it is stolen by the hackers, who use it to drain the account. That's the first approach (and the one used in the infamous attack carried out in Poland recently). Since it takes a great deal of effort to pull off, most hackers seem to instead prefer to redirect users to their expected site, but replace ads with their own, or add code that runs on user computers when they visit certain sites.

Reps for Team Cymru report that the hacked routers were mostly in Vietnam and other countries where many people are still using older, less well protected routers. They also note that it doesn't appear that the hackers actually misrouted users, thus, the hack is a mystery still. Interestingly, they note that the hacked routers all used just two IP addresses, both UK based. The companies that hold those two addresses have been notified regarding the hacking activity as have all the companies that make the routers that were hacked. Team Cymru suggests users take added precautions to safeguard their routers, such as being sure to password protect it (with a good password) and to occasionally check to see if unknown entities show up on their network.

Explore further: Kosovo group claims hack of US weather service

More information: Report PDF:

Related Stories

Kosovo group claims hack of US weather service

October 19, 2012

The US National Weather Service computer network was hacked this week, with a group from Kosovo claiming credit and posting sensitive data, security experts said Friday.

Router compromise, rogue remote control? Easy, says ISE

April 21, 2013

( —Router hacking is joining the ranks of computer security headaches, where the wireless router becomes the key target for those seeking to trespass into someone else's network. The remote attacker can take full ...

'Smart' homes open doors to hackers

July 30, 2013

Smart homes that let residents control alarms, locks and more over the internet are opening doors for crooks with hacker skills, according to computer security specialists.

Fixes in the works for Moon-struck Linksys routers

February 18, 2014

( —Self-replicating malware has struck some older Linksys routers and Linksys has acknowledged awareness of the malware, called "TheMoon." They plan to make firmware fixes for all affected products available "Linksys ...

Recommended for you


Adjust slider to filter visible comments by rank

Display comments: newest first

5 / 5 (2) Mar 04, 2014
Point of information: "Cymru" is the WELSH word for Wales. Thanks.
5 / 5 (1) Mar 05, 2014
Perhaps the hackers were testing their skill and checking for pitfalls, to see what they could get away with. Dry run for a much bigger and nastier plan?
Cheers, DH66

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.