Researchers outline Wi-Fi router hijacking via browser

Researchers outline Wi-Fi router hijacking via browser

Summary: Two security researchers have outlined how hackers can use a Web browser and a little Shockwave file to exploit most Wi-Fi routers.Ryan Naraine interviewed two researchers, Adrian Pastor and Petko D.

SHARE:
7

Two security researchers have outlined how hackers can use a Web browser and a little Shockwave file to exploit most Wi-Fi routers.

Ryan Naraine interviewed two researchers, Adrian Pastor and Petko D. Petkov, at the GNUCITIZEN think tank. Their big conclusion: It's trivial to construct "a massive router botnet" using a common protocol baked into modern routers.

GNUCITIZEN provides the details in a document and FAQ. For what it's worth I found the FAQ to be much more straightforward. In a nutshell, most routers use a protocol called Universal Plug and Play (UPnP) by default. Since UPnP can be accessed without authorization, a malicious Flash file can send messages. In other words, a hacker can reconfigure the router to do what he wants including redirects, reset admin credentials and all settings.

The easiest solution is to disable UPnP in your router, according to GNUCITIZEN. Taken further these flaws could create quite a bit of havoc on a municipal Wi-Fi network.

Topics: Wi-Fi, Browser, Networking

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

7 comments
Log in or register to join the discussion
  • So Change the UPnP settings

    The fix is to disable UPnP in the router. If the manufacturer would leave it disabled by default there would be no problem. I always turn of UPnP on our imaged computers and all of our routers because it's not secure and really not needed for real PnP devices.<br><br>

    Pepole need to read or hire someone to set up their home networks if they want to be safe. That is why we now have the Geek Squad and FireDog. My contract home consulting is mainly networking and spyware, so I thank the router manufacturers for making things unsecure and harder than they need to be to set up.
    k12IT
  • I just checked every router we have

    and we have four different kinds, and on all of them, UPnP is DISABLED by default. So while it's good that you're putting this notice out there, I think most people will be more vulnerable due to not having WPA or WPA2 set by default than by this.
    Michael Kelly
    • The last two Netgear WiFi...

      routers I installed had UPnP on by default. What are the 4 kinds you looked at?
      bjbrock
      • Belkin, Netgear, Linksys

        Two kinds of Belkins actually, a pre-N and a G, and the Netgear and Linksys routers were all G.
        Michael Kelly
  • Steve Gibson has been saying to turn this off for a long time! (NT)

    (NT)
    hjagla
  • Xbox 360 maybe hijacking your wifi.

    http://www.networkworld.com/news/2008/011108-microsoft-xbox-wireless-signal.html?t51hb
    bjbrock
  • NoScript blocks this - I asked Giorgio

    Best to turn off UPnP of course. Once you've done that, NoScript definitely protects Firefox users from the scripting attacks. How do I know? I just asked Giorgio Maone, author of NoScript. If you aren't using Firefox to surf on wireless, you're either crazy or ignorant.

    http://hackademix.net/2008/01/12/malware-20-is-now/
    Don Collins