
Elephant in the Home Office

3:20 PM -- I used to actually worry about my neighbor war driving or piggybacking off my WLAN. But did that get me to change the default password on my wireless router?

(OK, so first you should know that I live in a remote, mountainous area, where a next-door neighbor is a hike away. So piggybacking and war driving would be tricky, to say the least.)

But this latest "no-need to be nearby to drive-by" pharming exploit, developed by researchers at Symantec and Indiana University, has prompted a sudden interest in my WLAN router's password documentation. And if you've been lax about locking down your home or small business broadband router or WAP, the researchers say you'd better do the same. (See New 'Drive-By' Attack Is Remote.)

The exploit is actually quite simple to execute. But like most Web-based attacks, it relies on a user being duped into visiting a fake Website to get infected with the JavaScript malware that does the dirty deed on your router. If you do so, the malware changes the router's Domain Name System (DNS) settings so you go to more fake Websites, which can lift any personal information you provide. But if you're smart about the sites you visit, you should be safe.

Perhaps the most disturbing part about this proof-of-concept attack is that it goes after such an obvious, and oft-neglected, entry point. Default broadband router settings are mostly public knowledge, and the public mostly ignores the fact that they need to reset them.

— Kelly Jackson Higgins, Senior Editor, Dark Reading
