2 min read

UK ISP Had 6 Million Routers Vulnerable for a DNS Vulnerability for 18 Months

Silviu STAHIE

November 22, 2021

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
UK ISP Had 6 Million Routers Vulnerable for a DNS Vulnerability for 18 Months

Security researchers have revealed that around 6 million Sky routers have been affected by a DNS rebinding vulnerability that would have let attackers control any router in the past 18 months.

Internet service providers (ISP) often offer their own routers to people who subscribe to their services. The problem is that ISPs have to provide proper support for those routers, or customers might keep vulnerable devices in their network.

Routers are all the most important as they are usually home guardians as well, acting as gatekeepers to our kingdoms. A crack in that “wall” is much less than ideal. Whether the exploit has been used in the wild is unclear.

Sky’s routers have been affected until recently by a DNS rebinding vulnerability that could have allowed attackers to remotely take over devices, especially those still using the default credentials. People who connected to the Internet from behind one of those routers could have been tricked into clicking on a link that let remote attackers redirect DNS traffic and eventually take control.

From there, obtaining the Wi-Fi password, enabling DMZ servers, or simply forwarding ports would have been trivial, eventually giving an attacker a legitimate way to enter the network.

“With remote management enabled, the attacker could connect directly to the router’s web application and modify any settings, such as setup up a DMZ server or configure port forwarding, exposing the internal home network to the internet,” said the Pen Test Partners researchers.

“Affected models: Sky Hub 3, 3.5 and Booster 3 (ER110, ER115, EE120) Sky Hub 2 and booster 2 (SR102, SB601) Sky Hub (SR101). The Sky Hub 4 and Booster 4 (SR203, SE210) were also affected by the DNS rebinding vulnerability, however, every device comes with a random administrator password, limiting the ease of attack as the password must be brute forced,” they added.

While it’s not uncommon to find vulnerabilities in routers, taking 18 months to fix the issue is not ordinary. The researchers initially provided Sky with the regular 90 days window and extended way past that mark when the pandemic hit.

The initial report came on May 11, 2020, but the ISP managed to cover 50% of the user base with a patch by May 2021. The latest messages from the company said that they managed to update 99% of the routers, 18 months later, in October 2021.

tags


Author



Right now

Top posts

The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

October 22, 2021

2 min read
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

October 20, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Phishers Targeting Victims with ‘Free’ PCR Test for Omicron COVID-19 Variant Phishers Targeting Victims with ‘Free’ PCR Test for Omicron COVID-19 Variant
Filip TRUȚĂ

December 03, 2021

2 min read
WordPress Plugin Vulnerability Affected More than 80,000 Websites; Patch Is Now Out WordPress Plugin Vulnerability Affected More than 80,000 Websites; Patch Is Now Out
Silviu STAHIE

December 03, 2021

1 min read
Man charged with Ubiquiti data breach and extortion was employee assigned to investigate hack Man charged with Ubiquiti data breach and extortion was employee assigned to investigate hack
Graham CLULEY

December 03, 2021

2 min read