Google
 

Aardvark Daily

New Zealand's longest-running online daily news and commentary publication, now in its 21st year. The opinion pieces presented here are not purported to be fact but reasonable effort is made to ensure accuracy.

Content copyright © 1995 - 2016 to Bruce Simpson (aka Aardvark), the logo was kindly created for Aardvark Daily by the folks at aardvark.co.uk



Please visit the sponsor!
Please visit the sponsor!

When hkrz pwn your router

19 December 2016

Most computer users are familiar with the need for using anti-virus software on their machines, so as to avoid the worst of the evil payloads that evil little sods would use to infect your system.

In fact, there's a huge industry now built around protecting your PC, laptop, tablet, smartphone and other devices from the effects of malware.

However, it's beginning to look as if pwning a computer is old-hat. There is now a much greater prize just asking to be pwned.

I'm talking about your DSL/fibre modem/router.

Not only does the hacking of such a device grant the evil little sod concerned with immense power -- but it's often also a whole lot easier than trying to do battle with modern AV software in order to gain a foothold on a user's computer.

So what's the advantage, to a hacker, of getting control of a user's router?

Well the humble DSL/fibre modem/router is a user's gateway to the internet.

All data, coming and going, must pass through this device. Therefore, if you have control of that device, you can control what the user sees in some very subtle (and potentially profitable) ways.

Even snooping on valuable data becomes easier because control of the router makes man in the middle (MIM) attacks much easier.

When a user wants to visit a website, you can tell the router to redirect that traffic to your own server -- which will log all the data coming and going, before passing it from or two the user's computer. Even SSL won't save the user from snooping if the hacker is smart enough to set up some clever tech to do some spoofing.

However, the latest clever use of router pwning seems to involve generating ad revenue.

By intercepting the flow of adds from legitimate sites and their ad networks, to a user's screen, a hacker can instead replace those ads with those of his own -- paid for by different advertisers.

This means that when you go to a reputable site like (say) the BBC's news service, the ads you see on those pages won't actually be the ones that the BBC would have sent you. Instead, the requests to the ad-servers from a user's browser will be redirected to the hacker's server where he'll serve up whatever ads people are paying him to display on those pages.

The real advantage of this is that the average user would be none the wiser -- except perhaps when ads for porn or online gambling sites start appearing.

What's more, even when a user does twig to the fact that something "isn't quite right" about their system, odds are that they'll just take their computer to the local service shop where they'll run some AV software, find a few "possible" bits of malware and some "suspicious" registry entries -- then declare the machine "clean".

Meanwhile, the compromised router will resume serving up bogus crap as soon as the computer is reconnected.

What's more, many of the modem/routers in common use are far from secure -- either because there are software flaws and back-doors, or because users seldom bother to actually set them up securely. We live in a "plug and play" world where manually configuring stuff or setting new admin passwords is not something most folk are familiar with.

As a result, the home modem/router is becoming the low-hanging fruit that attracts hackers and gives them a great door into your system.

Do readers have any ideas how to address this issue?

Do end users even know what ports should be open, which should be closed, how to set up a firewall, what telnet is and why it's important to set up a strong admin password?

Please visit the sponsor!
Please visit the sponsor!

Have your say in the Aardvark Forums.

PERMALINK to this column


Rank This Aardvark Page

 

Change Font

Sci-Tech headlines

 


Features:

Beware The Alternative Energy Scammers

The Great "Run Your Car On Water" Scam

 

The Missile Man The Missile Man book

Recent Columns

Teleworking, NZ's only hope?
eleworking, we were told in the 1990s, is the future...

The dumb world of smart appliances
The Internet Of Things (IOT) promises to make our lives easier by bringing "smarts" to a whole range of devices and appliances that were previously rather dumb...

If you lied to your employer
Most employers do not take kindly to finding out that their employees have lied to them...

Will hate kill YouTube?
Don't be surprised if you find that there are fewer ads from big-name companies popping up when you watch YouTube videos...

Uh-oh, what will happen next?
I spied something very interesting, and more than a little worrying on the aviation industry newswires this morning...

The biggest flaw of governance is...
Governance is one of the most important roles that people play in shaping, managing and enhancing our nation...

Have another cuppa
Some of the most interesting medical research to surface in recent years relates to the healthy effects of a good old cuppa...

Google Shopping
PriceSpy and other Kiwi price-comparison websites have been doing a roaring trade by creating lists of places where you can buy stuff...

When you don't learn from mistakes
Nothing is ever a total loss. Even the worst disaster brings lessons that can be used to enable a higher level of preparedness for the next bad event...

What ever happened to?
Hands up if you remember any of the online auction sites that once started off with a hiss and a roar, promising to dethrone TradeMe...

When we are redundant
If you, like me, scoffed at the media stories which predicted robots will take a huge percentage of our jobs in just a few short decades, maybe it's time to stop and think again...