Many Home Routers Compromised! (Warning)

QuadraphonicQuad

HomerJAU

I noticed my Netgear Router playing up (Switching between secure HTTPS and non-Secure HTTP) while logging into Amazon. I went to change my password after and it did it again. So even the new password was 'open' and compromised.

I've now replaced my old Netgear router (2.5 years old). Many home routers have been hacked and everything you do can be read by hackers. Credit Card numbers, passwords, email. Everything!

https://www.zdnet.com/article/vpnfilter-malware-now-targeting-asus-d-link-huawei-zte/

I purchased a Synology RT2600ac but they have a cheaper RT1900ac router. Why? Because these guys supply updated firmware all the time to patch security threats. My Netgear had had no firmware update for over 2 years.

This is a serious threat to everyone running a typical home router. Read about it and do something!!

And don't just think 'it's the Russians'. Any individual, company or government can use these security holes to breach your privacy!
 
About 10 minutes ago I had a popup from my Norton Anti Virus software mentioning VPN Filter Malware...one of those frequent ads that Norton gives me...I paid zero attention to it as it appeared to be another effort to increase my Norton software package...
 
Yeah - Snood updated me Netgear Router Firmware the first day it was mentioned like 2 weeks ago.........and if Snood can do it then anyone can - just be sure not to shut off PC before it is done.

Just gotta log into your router - download the latest firmware, then just run it tada :cool:
 
I had heard about this but didn't actually realize it was so serious. Geez my router is close to 7-8 years old I bet. A dual band Visio that came from a big box store. I don't think it's ever been updated.

Homer, the RT2600 runs about $200 USD, the RT1900 runs about $120. What do I get for the additional cost?
 
Yes but how old is the firmware? If it's not dated in the last couple of weeks it'll still be knackered
Our router is a Spectrum-owned unit. It's a year old, not listed in the article. I wonder though. But the kid seems to know, he says it's OK. WTF do I know? I'm what I dreaded for 20 yrs, I'm my dad!!!
 
RT2600 will probably give an extra 5 GHz band. Useful if you have a large number of devices on the network using Wi-Fi. Whether you will actually benefit from the higher model depends entirely on your use case. I suggest reading up on some of the reviews for each router before deciding. Sometimes the higher powered/numbered model can actually perform worse.
 
I just have what Windstream gave me recently, it just says it's a T3200. It's your average double-twisted wire DSL modem/router I reckon. Never seen Windstream ever offer firmware updates for their modem/routers.
 
Made me go and have a look, I use my internet provider's router (auto updates) and its firmware was only updated a week or so ago.
 
Tried to read up on this until my eyes glazed over.
I'll look for new firmware soon enough just because. But a sanity check. Doesn't this need remote management enabled? Also, usually "hackers" go after more sure things. Like a bank or online business where they can grab 100,000 credit card numbers at once. Not individual personal computers that might turn up a debit card number to a bank account with no money in it at some point. Looking for return for the risk.
Again, not to be dismissive or suggest inaction but is that wrong?
 
Good question.
 
Did a little research on this, and found the following from a Comcast employee from 5/22/18:

"Hello all, within hours of learning of this issue, we shut down the ability to log into our equipment activation Web site using an account number and address. Xfinity Internet service can still be activated using one of the other two methods (Mobile Phone Number or Xfinity Username and Password). At no time did the site enable anyone to access customers' personal usernames and passwords, and we have no reason to believe that any account information was accessed. We are conducting a thorough investigation and will take all necessary steps to ensure it does not happen again. We are also reviewing all of our authentication practices to ensure they fully protect the privacy and security of our customers."

The degree to which this is true is up for verification, but this is what I found.
 
Your computer can be compromised in many ways, most of which can hardly be detected by the average user. Just to give a couple of examples, a laptop can be used to "seed" (cannot remember the right English word) bitcoins. Managing bitcoins requires a huge amount of processing capacity and one of the cheapest ways to take it is by infecting vulnerable laptops.
Another typical infection consists of leaving a dormant virus in your PC that can send on-demand coordinated ping or DNS attacks against a certain server (DoS attacks). This is not science fiction and is done quite often.
I would not become paranoid, as at our regular user level and with our antivirus and usually firewalls, any computer can be compromised.
But at least let's make things a bit more complicated for the hackers, shouldn't we?
 
All of those things would require a network connection to the outside world. As soon as any app tried to call home like that, my network monitor (Little Snitch) would make it ask for permission. Something I didn't grant network permission to would get my attention by asking and alert me to take action.

That part is all well and good for the computer. But this malware we're talking about lives on the router. It can call home any time but nothing can get into the computer that can call home. Is that still correct?
 