Elephant in the Home Office

A new exploit hits home for users who don't lock down their WLAN and broadband routers

February 15, 2007

1 Min Read
Network Computing logo

3:20 PM -- I used to actually worry about my neighbor war driving or piggybacking off my WLAN. But did that get me to change the default password on my wireless router?

(OK, so first you should know that I live in a remote, mountainous area, where a next-door neighbor is a hike away. So piggybacking and war driving would be tricky, to say the least.)

But this latest "no-need to be nearby to drive-by" pharming exploit, developed by researchers at Symantec and Indiana University, has prompted a sudden interest in my WLAN router's password documentation. And if you've been lax about locking down your home or small business broadband router or WAP, the researchers say you'd better do the same. (See New 'Drive-By' Attack Is Remote.)

The exploit is actually quite simple to execute. But like most Web-based attacks, it relies on a user being duped into visiting a fake Website to get infected with the JavaScript malware that does the dirty deed on your router. If you do so, the malware changes its Domain Name System (DNS) settings so you go to more fake Websites, which can lift any personal information you provide. But if you're smart about the sites you visit, you should be safe.

Perhaps the most disturbing part about this proof-of-concept attack is that it goes after such an obvious, and oft-neglected, entry point. Default broadband router settings are mostly public knowledge, and the public mostly ignores the fact they need to reset them.

— Kelly Jackson Higgins, Senior Editor, Dark Reading

Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like

More Insights