
Millions of Home Routers Will Soon Be Hacked

Source: Tom's Guide US | 76 comments

A researcher plans to launch a hacking tool that will break into millions of home networks. Oh, and have a nice day while you're at it.

Now here's something to be worried about: according to a report first published by Forbes, a researcher from Maryland-based security consultancy Seismic plans to release a software tool that will hack into millions of routers used on home networks. The tool is expected to be made available during the upcoming Black Hat security conference in Las Vegas, and will have the ability to hack into routers manufactured by Linksys, Dell, Verizon (Fios, DSL) and more.

Apparently the tool uses a variation on a technique known as "DNS rebinding." It takes advantage of an age-old problem with the DNS system where websites balance traffic by offloading visitors to additional IP addresses. "There have been plenty of patches over the years, but this still hasn't really been fixed," said Craig Heffner, the researcher behind the hacking tool.

Heffner's tool works something like this: web surfers are tricked into visiting a website that contains a special script. This script changes the DNS of the website and instead uses the DNS of the visitor, granting the hacker access to the user's home network. The hacker could then hijack the browser and access the router's settings.

Current browsers have safeguards that prevent hackers from performing the DNS rebinding trick. However, Heffner has found a way around those roadblocks, and apparently it wasn't a difficult task. "The way that [those patches] are circumvented is actually fairly well known," Heffner said. "It just hasn't been put together like this before."

Could your router be one of the models susceptible to Heffner's attack? Find out by locating your model on this list. Out of 30 models he tested, Heffner said that about half were vulnerable.

The good news here is that his method of attack requires the hacker to compromise the victim's router after gaining access to the home network. One of the best ways to keep hackers out of the router is to change the default login password, and keep the firmware up-to-date.
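On the network side, DNS rebinding leaves a recognisable trace in resolver logs: a name on the public internet that starts answering with internal addresses. The following check is an added example, not code from the article or from Heffner's tool; the log format, sample entries and the local-suffix allowlist are constructed assumptions.

```python
import ipaddress

# Address ranges that should never appear in answers for public names.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16")]

# Assumption: names under these suffixes are served by the local resolver
# and may legitimately map to internal addresses.
LOCAL_SUFFIXES = (".lan", ".home.arpa")

# Constructed sample resolver log: (seconds, queried name, answer IPs).
SAMPLE_LOG = [
    (0,  "news.example.org",   ["198.51.100.10"]),
    (3,  "printer.lan",        ["192.168.1.50"]),
    (5,  "rebind.example.net", ["203.0.113.7"]),
    (9,  "rebind.example.net", ["192.168.1.1"]),
    (12, "cdn.example.com",    ["198.51.100.4", "198.51.100.5"]),
    (20, "mixed.example.net",  ["203.0.113.9", "10.0.0.1"]),
]

def is_internal(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)

def find_rebinding(log, window=60):
    """Return a sorted list of (name, reason) for suspicious answers."""
    findings = set()
    last_public = {}  # name -> time of the last all-public answer
    for ts, name, answers in log:
        if name.endswith(LOCAL_SUFFIXES):
            continue  # local names may point inside the network
        internal = [a for a in answers if is_internal(a)]
        if not internal:
            last_public[name] = ts
        elif len(internal) < len(answers):
            findings.add((name, "mixed public/internal answer"))
        elif name in last_public and ts - last_public[name] <= window:
            findings.add((name, "public then internal within window"))
        else:
            findings.add((name, "public name resolves to internal address"))
    return sorted(findings)

if __name__ == "__main__":
    for name, reason in find_rebinding(SAMPLE_LOG):
        print(f"{name}: {reason}")
```
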

Still, why make this hacking tool available for the public? Why would any "researcher" put millions of users at risk of hijacking and data theft? Simple. To draw attention and (finally) get the problem fixed.

"I’m not the first to give a Black Hat talk on DNS rebinding, and I won’t be last," he said. "Everyone has had ample time to fix this."

Top Comments
  • 26
    Sabiancym , July 21, 2010 8:00 PM
    Good, maybe it'll get fixed.
  • 25
    JonathanDeane , July 21, 2010 8:06 PM
    Awesome my old router is not vulnerable, best 5$ I ever spent... lol
  • 23
    hellwig , July 21, 2010 8:32 PM
    Hmm... yeah, cause grandma and mom and dad and your aunt susan and brother-in-law phil all know what firmware is and what "update your firmware" means. Is this guy releasing the hack going to go into the millions of homes that currently use these routers and upgrade them? No? Even if Linksys and Netgear and everyone updates their products, the defective products will still exist in peoples homes. Is this researcher going to refund everyone the money they spent on insecure routers so they can buy new routers? No?

    Then I guess all this asshole has done is give script kiddies more tools to hack unsuspecting individuals. Way to go, like we need more dickheads in the world.
Other Comments
  • 3
    jomofro39 , July 21, 2010 8:06 PM
    Damn it.
  • 6
    otacon72 , July 21, 2010 8:07 PM
    I just checked my router's password...lol Wasn't sure if I had changed it.
  • -5
    jackson1420 , July 21, 2010 8:11 PM
    lulz
  • -5
    ik242 , July 21, 2010 8:12 PM
    Yep
  • 3
    danimal_the_animal , July 21, 2010 8:17 PM
    m0n0wall

    :) 
  • 3
    IFLATLINEI , July 21, 2010 8:20 PM
    One word - SMOOTHWALL. Even before this it was not uncommon knowledge that consumer grade routers are a joke.
  • 19
    stingstang , July 21, 2010 8:26 PM
    Still need to 'trick' the user in to visiting a website. Good luck with that one.
    BUT I hear 92.7% of Americans get this optical illusion wrong! I gotta prove that I can get it right!
  • 2
    chickenhoagie , July 21, 2010 8:33 PM
    very smooth trick to gain quick access to someones router..but anyone would be quite the fool to not use a good password for their router.
  • 3
    kittle , July 21, 2010 8:36 PM
    heh.. change the default router password is one of the first things I do.. and instruct my parents to do as well.
  • 2
    drutort , July 21, 2010 8:45 PM
    all they have do really is have a feature (for new firmware/routers) that you cant have internet access until you changed the default password :p  i dont know why they havent done that, having default pass is stupid its only there to do a hard reset (physically) oh well i guess lots of companies are going to get lots of complaints... suits them right... but feel sorry for all the ppl who dont have a clue what firmware means... or that they can even get into a router...
  • 3
    sentinelcomputers , July 21, 2010 8:45 PM
    I believe the intent here is to force the router manufacturers to address this problem in a meaningful fashion. He's really not giving something new to the hacker community. This is an old and well-known vulnerability.

    The bottom line is that the destination site must be corrupted with the appropriate script. A site like Tom's isn't likely to do that; and sites that would (porns sites primarily), already use browser vulnerabilities to disseminate malware.
  • 6
    meat81 , July 21, 2010 8:49 PM
    Still, why make this hacking tool available for the public? Why would any "researcher" put millions of users at risk of hijacking and data theft?

    To sell the fix to millions and get rich..
  • 2
    sandmanwn , July 21, 2010 8:50 PM
    got a Honey Pot setup for people like this. I'll be watching you fail.
  • 1
    antilycus , July 21, 2010 8:50 PM
    you'll never make a system 100% secure. it will N E V E R happen. Not even your high priced CISCO boxes, with the command scripts can make it 100%. Hell look at upnp, it's based off of a syntax/infrastructure that died in 2001 but its still used today. GRE is the way in.
  • 9
    teknic111 , July 21, 2010 8:51 PM
    @extremepcs...your wpa2 + radius + complex password will not protect you from this kind of attack!
  • 5
    antilycus , July 21, 2010 8:51 PM
    also for a classic example on how this wont make a lick of difference look at how Symantec Antivirus is still one of the most purchased corporate solutions. Yet its success rate is worse than the Kansas City Royals!