Leave a comment

Zero-day exploit affects modem/router combo

Zero-day exploit affects modem/router combo
Photo courtesy of Shutterstock

If you're a DSL customer and use a D-Link DSL-2740R model, then you're vulnerable to a proof-of-concept discovered by Bulgarian security researcher Tondor Donev. The attack allows hackers to bypass the router's security and hijack Web traffic.

The router was released in 2009 and the security flaw is present in ZynOS, firmware installed on the router. The router has been phased out, so if you've purchased a router recently then you probably don't have to worry.

Breaches like this don't just affect people who own the router. Hackers can exploit these security holes surprisingly easily.

Alert: Have you updated Adobe Flash? You should. Find out why.

How they do it might surprise you.

Computer World reports how hackers have exploited router vulnerabilities to pull off hacks:

In March 2014, Internet security research organization Team Cymru uncovered a global attack campaign that compromised over 300,000 home routers and changed their DNS settings. A different vulnerability in ZynOS was exploited in that attack and one of the techniques used was likely CSRF.

Attacks like these could cripple anyone's security. Worst of all, this bug hasn't yet been disclosed to D-Link. That means that the company has no means to fix the hole.

Check on your router to make sure that it's not a DSL-2740R. If it is, then it might be time to buy a new router. I teach you how in this helpful tip.

 

Next Story
View Comments ()
YouTube move signals the death of Flash
Previous Happening Now

YouTube move signals the death of Flash

Alert: IRS warns against scammers and thieves
Next Happening Now

Alert: IRS warns against scammers and thieves