Router Attack - Broadband Connection - Change Default Password - Immediately
- 6
- Add a Comment
- No Related Post
The folks at Symantec are warning that a new drive-by attack called “Drive-By Pharming” can attack unprotected routers, where the user has not set a new password, and is using the default which is normally is left blank. This new type of attack can re-route traffic and the user is taken to a different location where the hacker has set up his wares for continued attacks.
So how can this be happening? Simple. Wireless routers are extremely popular devices. And most routers now come with some type of a wizard to simplify the setup process for the end user. However, it is up to the user to reconfigure the router, to setup a new admin password, which normally is configured ‘blank’ by default, which allows the user easy access for first time setup.
Also it is up to the user to configure the router using WEP or WPA protections, to prevent unauthorized users from connecting to the user’s router. This is commonly referred to as a ‘drive-by connection’ where a user in a vehicle using a laptop can connect to a wide open router and use the connection freely.
The recommendation is simple. Set up a password for access to your router. This information is usually supplied in the user’s manual or you can obtain the information from the manufacturer’s Web site for your specific make and model of router.
I took a simple approach to setting up my router password. I used a old phone number I had about 20 years ago, including area code plus the name of the first pet I owned as a kid. It might not be 100% hacker proof, but at least I can remember it. In fact, going back into one’s router is not something we normally do day in and day out. I haven’t reconfigured my router since I changed ISPs some eight months ago. Yet I was able to remember the password last evening, when I checked to confirm my password was active on my router, after reading about this latest attack.
Stay safe.
[tags]router, attack, password, broadband, Drive-By Pharming[/tags]
6 Comments
usrbingeek
February 16th, 2007
at 12:55pm
It is not in the wild yet. It was a research project funded by Symantec and carried out by Indiana University: http://www.lockergnome.com/nexus/usrbingeek/2007/02/15/your-router-needs-a-new-password/
But you’re right, everyone still should change their passwords.
Ron Schenone
February 16th, 2007
at 2:12pm
Thanks for the heads up. It still amazes me that my neighbor across the street from my home still has a unsecured network, even after I told him about it.
Oh well.
Mr. Wizard
April 10th, 2007
at 10:35am
I wish more people would pass the word about securing WiFi routers on to their family, friends, and neighbors. I routinely remind my clients to practice safe computing (not as fun as safe sex, but still worthwhile
but they often seem to think I’m paranoid — they might be right about that — and therefore do not heed my advice on the subject. Having articles like yours to point to bolsters my credibility and greatly increases the chances that they will actually use and change passwords religiously, won’t send anything via email that they wouldn’t write on the back of a snailmail postcard, etc.
The ‘Net is not the scary, dangerous place many tech-impaired people think it is, but a few security precautions are definitely in order unless one wants one’s computer to be p0wned. None of my systems has ever been infected with a significant piece of malware unless it was something I wrote myself and put there for testing purposes. (Unlike Robert Morris, I don’t let my viral creations out in the wild, but I do like to know how things work and happen to be into low-level .asm and C/C++ programming.) I wish I could say the same thing about the systems of new clients I take on. I’m amazed that some of said systems ever even worked at all for the owners’ benefit, given the multiple instances of nasties I found running on them. There are people who do millions of dollars worth of financial transactions over the ‘Net each year who seem to think they don’t have to be concerned about encrypting their WiFi links, just because they live in very nice neighborhoods…wardriving is a totally foreign concept to them.
Anyway, thanks again for the good article.
Regards,
FractalZone
Ron Schenone
April 10th, 2007
at 10:46am
Hello Mr. Wizard,
I’m glad you found the information useful. And believe me, I do understand your plight. Having myself been in the PC repair business for some 14 years, I know exactly what you are talking about. People just give you the deer in the headlight look when you mention security.
Like you, I have been virus and spyware free. And I agree that some simple precautions is all that it takes.
All the best, Ron
Farrah
April 17th, 2008
at 4:15pm
Okay.. I found your article usefully warning innocent internet router users our there but I have already set a username and password on mine. Thing is.. I “rarely” sign on to my router and I totally forgot my username and password! Is there a way to set the username and password back to default?
Ron Schenone
April 17th, 2008
at 6:01pm
Hello Farrah,
There should be a reset bottom on the back or bottom of the unit. Use a paper clip to hold in the button for about 5, 10 seconds or longer. Can’t find the reset button on your unit? Check at the OEM’s site or in your user manual.