Many owners of Netgear routers are at high risk of being getting hijacked by hackers as a serious security void hole was found by researchers.
These are found by the security researcher Simon Kenin from the Trustwave and he shared the information with the folks at the Netgear. The company has managed to patch some bugs but still, it seems that some routers are still open to hackers.
The security problem found here allows the attackers to access the router and collect the admin access passwords. Any remote hacker can use this vulnerability if remote administration is set to the Internet facing. Basically, this feature is turned off, but anyone with the physical access to a network that has a Netgear router can easily exploit it locally. A general example of this scenario is a café with public WiFi or some other place which offers a relatively similar feature.
We know that most people choose to reuse their passwords. So, once an attacker gains the admin password, he can check all the devices that are connected in that network and try to access them with the same password(which might actually work considering how many network admins do not take security seriously).
Kenin also pointed out that, by using the existing malware along with ever so popular Mirai botnet can change all the infected devices into bots. If that is not possible, he can change the DNS to further infect more machines on the network.
The researcher came upon this flaw almost a year ago. He figured out that he could trigger an error message on his own router, and then the router could be tricked into revealing the numerical code that can be used with the password recovery tool to get the admin credentials.
Latest posts by William Fieldhouse (see all)
- Latest Hacking News Podcast #13 - April 17, 2018
- Latest Hacking News Podcast #12 - April 16, 2018