While PCs, tablets and smartphones ship with built-in defences that make them hard to target, the Wi-Fi routers most families rely on to deliver internet through the home are often vulnerable - an “open window” for criminal gangs.
Any gadget connected to the network can be directed to fake bank sites, for instance, or sent to fake versions of webmail sites, or showered in malicious adverts for fake or dangerous products.
Failing to update firmware on Wi-Fi routers, or change passwords, can allow cybercriminals to invisibly alter settings in Wi-Fi routers to steal money from online banking services, steal passwords, and redirect innocent web users to false websites created by criminals.
The attack comes as the Internet Storm Centre issued a warning about a mysterious computer worm called Moon, which can infect Linksys routers instantly without requiring a password - and is spreading rapidly.
Worryingly, most commercially availabe routers are vulnerable - last week, security firm Tripwire found that 80% of the top selling small office/home office routers on Amazon have ‘critical’ security weaknesses, which allow cybercriminals free rein to attack.
Most families don’t update their devices, and fail to change passwords, which makes the job of cybercriminals easily. Team Cymru, the specialist security company which discovered the worldwide attack on 300,000 routers, which began in January 2014, affects multiple brands of router, including devices from D-Link, Micronet and others.
With so many devices vulnerable, families should ensure they've updated their router's firmware - accessible by connecting a PC to the device via Ethernet - and changed the gadget's passwords (not the wireless ones, the ones in the machine) from defaults such as "admin" and "password".
Team Cymru says that so far, “We have not seen any use for this pool of victims - but it’s only a matter of time.”
Team Cymru said that cybercriminals exploited Wi-Fi routers precisely because they were an easy target - a digital back door most families leave open, “Consumer unfamiliarity with configuring these devices, as well as frequently insecure default settings… make wireless routers a very attractive target for cybercriminals”
In Poland, a separate gang targeted online banking sites via a similar attack. The motives of the creators of Moon - so called because it features images from the film of the same name within its computer code - are less clear.
What is clear is that wireless routers pose a real risk - Tripwire found that around a quarter of the top-selling routers on Amazon had vulnerabilities that were known and published online, enabling cybercriminals to write attacks to target them easily.
“Routers are an ideal target for cyberattackers. After an attacker has gained control of a router, they are able to monitor, redirect, block or otherwise tamper with a wide range of online activities,” Tripwire said.
“The recent discovery of ‘The Moon’ worm currently infecting exposed Linksys routers indicates that threats to routers will continue to increase as malicious actors recognize how much information can be gained by attacking these devices,” said Craig Young, security researcher for Tripwire.
“Unfortunately, users don’t change the default administrator passwords or the default IPs in these devices and this behaviour, along with the prevalence of authentication bypass vulnerabilities, opens the door for widespread attacks through malicious web sites, browser plugins, and smartphone applications.”
Source : Yahoo
0 komentar:
Post a Comment