Backdoor Still Hidden in Patch for Wi-Fi Routers

Alexandra GHEORGHE

April 22, 2014

The backdoor affecting Sercomm wireless DSL routers has not been fixed, and lies hidden in the latest version of the devices' firmware to intercept users' home traffic, according to Ars Technica.

In December 2013, Eloi Vanderbeken discovered hackers could exploit his parents' Linksys Wi-Fi router to gain administrative rights and manipulate local network resources without admin credentials. The device was listening on an undocumented Internet Protocol port number (32764), which allowed him to execute several commands, including running a script and enabling administrator privileges.

Allegedly, the backdoor required the attacker to be on the local network. The raw Ethernet packets were sent from within the local wireless LAN or from the Internet service provider's equipment. Vanderbeken later reported some routers could be hijacked via the Internet as well, leaving them vulnerable to remote attacks.

As a result, vendors of systems based on the same Sercomm modem, including home routers from Netgear, Cisco and Diamond, published an update meant to seal the vulnerability. However, the researcher recently disclosed that the communications flaw persists in the new code. The backdoor can be reactivated through a network packet used by “an old Sercomm update tool.” The packet's payload is an MD5 hash of the router's model number (DGN1000).

Once the backdoor is turned back on, it monitors TCP/IP traffic and allows hackers to send commands to the router, including one that returns a screenshot of its entire configuration. It also gives access to hardware features such as blinking the router's lights.
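A defender's check for the two indicators described above, as an added example that is not from the article or from the researcher: it flags captured records that connect to port 32764 or whose payload contains the MD5 of the model number. The record schema, the sample records and the choice to match both the raw and the hex-encoded digest are assumptions.

```python
import hashlib

BACKDOOR_PORT = 32764      # port number named in the article
MODELS = ["DGN1000"]       # model number named in the article

def reactivation_markers(models=MODELS):
    """Byte patterns to hunt for: MD5 of each model number.

    The article does not say how the hash is encoded on the wire, so both
    the raw 16-byte digest and its ASCII hex form are matched (assumption).
    """
    markers = {}
    for model in models:
        digest = hashlib.md5(model.encode("ascii"))
        markers[digest.digest()] = model
        markers[digest.hexdigest().encode("ascii")] = model
    return markers

def inspect(records, markers=None):
    """Return (index, reason) findings for a list of captured records.

    Hypothetical record schema: 'proto' ('eth' or 'tcp'),
    'dst_port' (int or None) and 'payload' (bytes).
    """
    markers = markers or reactivation_markers()
    findings = []
    for i, rec in enumerate(records):
        if rec.get("proto") == "tcp" and rec.get("dst_port") == BACKDOOR_PORT:
            findings.append((i, f"tcp connection to port {BACKDOOR_PORT}"))
        payload = rec.get("payload", b"")
        for pattern, model in markers.items():
            if pattern in payload:
                findings.append((i, f"payload carries MD5 of model {model}"))
                break
    return findings

# Constructed sample records, not taken from any real capture.
SAMPLE = [
    {"proto": "tcp", "dst_port": 443, "payload": b"\x16\x03\x01"},
    {"proto": "eth", "dst_port": None,
     "payload": b"\x00\x01" + hashlib.md5(b"DGN1000").digest()},
    {"proto": "tcp", "dst_port": 32764, "payload": b""},
    {"proto": "eth", "dst_port": None,
     "payload": hashlib.md5(b"EXAMPLE-MODEL").digest()},  # unrelated string
]

if __name__ == "__main__":
    for idx, reason in inspect(SAMPLE):
        print(idx, reason)
```

Extending `MODELS` with the model numbers of other routers on the network widens the hunt to those devices.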

Due to the variety of models and manufacturers, the number of devices affected is unknown. The manufacturers have not issued an official response up to this point.
