To help personalise content, tailor your experience and help us improve our services, Bisinfotech.com uses cookies.
By navigating our site, you agree to allow us to use cookies, in accordance with our Privacy Policy.

US Security Official Confirms Netgear Router ‘Hacked’

Netgear Router

A fugitive revelation has been done by a security researcher in the US asserting that he discovered altered admin settings on his personal router on 28 September – explains that the router was hacked to send web browsing data to a malicious internet address.

Reacting on the flaw, Netgear says the vulnerability is “serious” but affects fewer than 5,000 devices.

Giron found that the Domain Name System (DNS) settings on his router had been changed to a suspicious IP address.

“Normally I set mine to Google’s [IP address] and it wasn’t that, it was something else,” he said.

“For two or three days all my DNS traffic was being sent over to them.”

This means that the attacker could have tracked what websites Giron was visiting, or even redirected him to malicious sites had they chosen to do so.

‘Serious’ bug

The vulnerability itself has been documented by security researchers at Compass Security and Shellshock Labs in recent months.

“Is it serious? Yes it definitely is,” said Jonathan Wu, senior director of product management at Netgear, one of the top three router brands in the US.

“Because whenever anybody gets access to your router, they can alter settings to direct traffic to places you don’t want it to go to.”

The vulnerability allows attackers to gain access to the router settings without needing to provide login credentials, according to security researchers Daniel Haake and Alexandre Herzog of Compass Security in Switzerland.

Imminent patch

While a patch has not been available for the firmware on the affected devices to date, according to reports Netgear has confirmed that one will be released on 14 October.

Wu said that Netgear router owners would be prompted to update their firmware if they logged into their router’s admin settings or if they had the Netgear genie app installed on their computer, tablet or smartphone.

It’s problematic that firmware updates can’t be automatically “pushed” to routers, according to Mark James, IT security specialist at Eset.

“The average user will throw the router in place and just use it,” he told the BBC.

“The biggest problem that we have with these types of scenarios is people don’t keep the software up-to-date.”

What’s more, anti-virus software for computers doesn’t generally cover vulnerabilities on routers meaning that it would not detect such problems.

Tags
Show More

BiS Team

BIS Infotech is a vivid one stop online source protracting all the exclusive affairs of the Consumer and Business Technology. We have well accomplished on delivering expert views, reviews, and stories empowering millions with impartial and nonpareil opinions. Technology has become an inexorable part of our daily lifestyle and with BIS Infotech expertise, millions of intriguers everyday are finding for itself a crony hangout zone.

Related Articles

Check Also

Close