Router Default Passwords Prone To “Drive By Pharmingâ€
Authors of a proof of concept paper called "Drive By Pharming" say that by viewing a malicious web page users can set off changes in a broadband router or wireless access point, making the computer connected to it susceptible to attack.The paper, authored by researchers Zulfikar Ramzan, from Symantec, and Markus Jakobsson and Sid Stamm of the Indiana University School of Informatics, shows the dangers of not changing a default password in this important part of connecting to the Internet.
The paper shows how through JavaScript, hosted on a malicious web site, an attacker can change a router with a default password, taking it over, and making the DNS lookups go through the attacker’s machine, thus directing the unsuspecting user to any site the attacker wants. The criminal would want to gain something for this, so they would redirect the user to spoofed credit union, credit card, or other sites to then steal personal information and quickly put it to misuse. The authors note that this type of attack has serious widespread implications and affects many millions of users worldwide. While the attack is easy to defend against, unwitting wireless users are at risk until it is fixed. The problem can be mitigated by resetting the default passwords within the router or wireless access point..
A co-author of the paper, Markus Jakobsson, who was interviewed by CUInfoSecurity.com, noted users will still click on unfamiliar links in messages, no matter about the identity of the sender. Click here to listen to Jakobsson’s podcast interview with CUInfoSecurity.com: https://www.cuinfosecurity.com/podcasts.php?podcastID=11.
Couple this news with a recent phone survey that reveals about one-third of Internet users in the U.S. have used a wireless connection to surf the Web or check e-mail, and the need to reset default settings and passwords on the routers is acute. The survey by the Pew Internet & American Life Project showed that 34 percent of Internet users have gone online through Wi-Fi service or a cell phone network, including 27 percent who have logged on from somewhere other than their home or workplace. Three-quarters of the people with both a home wireless network and a laptop computer said they now use their laptop in different parts of the house.