Security firm finds 300,000 home routers hacked

Mar 04, 2014 by Bob Yirka

Affected router distribution heatmap visualization

(Phys.org) —Nonprofit American security firm Team Cymru (Celtic word for Wales) has announced that it has uncovered a hacking scheme that has impacted at least 300,000 routers used by people in their homes. Reps for the firm say that while the hack appears ominous, there is no evidence as yet to suggest that the hack was used for whatever purpose it was designed.

Hacker attacks on home routers generally take two approaches, though both rely on the same strategy—namely, accessing the router and changing a table to redirect domain name server (DNS) queries. DNS servers are the machines that convert native-language web names to IP addresses. What this means, for example, is that a user accessing a compromised router might use the link on their browser's "favorites" bar to access their bank. But instead of being routed to their bank, they are routed to a web page on a fake server that looks just like the real one. When the user types in their login information, it is stolen by the hackers, who use it to drain the account. That's the first approach (and the one used in the infamous attack carried out in Poland recently). Since it takes a great deal of effort to pull off, most hackers seem to prefer the second approach: redirecting users to their expected site, but replacing ads with their own, or adding code that runs on user computers when they visit certain sites.

Reps for Team Cymru report that the hacked routers were mostly in Vietnam and other countries where many people are still using older, less well protected routers. They also note that it doesn't appear that the hackers actually misrouted users; thus, the hack is still a mystery. Interestingly, they note that the hacked routers all used just two IP addresses, both UK based. The companies that hold those two addresses have been notified regarding the hacking activity, as have all the companies that make the routers that were hacked. Team Cymru suggests users take added precautions to safeguard their routers, such as being sure to password protect them (with a good password) and occasionally checking to see if unknown entities show up on their network.


More information: Report PDF: www.team-cymru.com/ReadingRoom… ymruSOHOPharming.pdf


User comments : 2


Pattern_chaser
5 / 5 (2) Mar 04, 2014
Point of information: "Cymru" is the WELSH word for Wales. Thanks.
DarkHorse66
5 / 5 (1) Mar 05, 2014
Perhaps the hackers were testing their skill and checking for pitfalls, to see what they could get away with. Dry run for a much bigger and nastier plan?
Cheers, DH66