New Attack Targets "Millions" of Home Routers

Paul Lilly

Stop whatever it is you're doing and visit your router manufacturer's website. Once there, drill down to the firmware section and bookmark that page, and then get in the habit of checking it regularly. The reason? Millions of routers are about to become extinct (sort of).

At this year's Black Hat security conference in Las Vegas, one of the items on the agenda is "How to Hack Millions of Routers," an alarming keynote in which Craig Heffner, a researcher with security firm Seismic, plans to release a software tool he says is capable of cracking half of all routers in existence.

This isn't a new technique, but an altered version of "DNS rebinding," something that has been talked about for more than a decade.

"There have been plenty of patches over the years, but this still hasn't really been fixed," Heffner says.

In short, the hack exploits part of the Domain Name System (DNS) so that when an unsuspecting visitor surfs to a compromised site, their browser ends up hijacked, giving the attacker access to their router settings. Browser makers have already patched earlier versions of this attack, but according to Heffner, it's all for naught.

"The way that [those patches] are circumvented is actually fairly well known," Heffner explains. "It just hasn't been put together like this before."

More info here , including a small sample of routers Heffner has demonstrated this attack on.

Around the web