According to security researcher Craig Heffner, about half the existing models of home routers, including most Linksys, Dell, and Verizon, are vulnerable to being hacked.
The hack relies on tricking people to visit a malicious website. From that point on, the router itself can be hijacked and the poor user redirected pretty much anywhere the hacker wants them to go.
The hack relies on a hack known as "DNS rebinding," something that has been around for nearly 15 years:
The hack exploits an element of the Domain Name System, or DNS, the Internet's method of converting Web page names into IP address numbers. (When you visit Google.com, for instance, a domain name server might convert that name into the IP address 220.127.116.11.) Modern browsers have safeguards that prevent sites from accessing any information that's not at their registered IP address.
But a site can have multiple IP addresses, a flexibility in the system designed to let sites balance traffic among multiple servers or provide backup options.
Heffner's trick is to create a site that lists a visitor's own IP address as one of those options. When a visitor comes to his booby-trapped site, a script runs that switches its alternate IP address--in reality the user's own IP address--and accesses the visitor's home network, potentially hijacking their browser and gaining access to their router settings.
Heffner has tested 30 routers and found about half of them to be vulnerable, through a combination of either a software flaw or a weak settings password.
Think you're safe because you use OpenDNS or Firefox NoScript plug-in? Think again! According to Heffner, this doesn't offer any protection.
So, what to do if your router is vulnerable? Well, check for updates, but if they're not forthcoming, buy a new one. Oh, and change those default passwords, every hackers knows them!