It's a bad time for routers. Security researchers are turning up more and more flaws in basic router security that puts you, the owner, at risk.
I told you last week about a virus that infects routers and steals your Facebook passwords. Now, security researchers have turned up not one, not two, but a total of 60 flaws that affect a range of 22 different router models.
That may sound bad enough, but this news gets even worse. That's because these aren't just the routers you buy in the store, but also ones Internet service providers distribute to their customers. In fact, the ISP-provided ones seem to have the worst problems.
Many ISPs configure their routers for remote access or include backdoors with a common password. This is so they can troubleshoot customer issues remotely without having to send a technician to your home. However, hackers can easily find and take advantage of these security holes to take over a home owner's network.
Once a hacker takes control of a router, they have a number of options. Many of the flaws in this study let a hacker change a router's DNS settings. That sends your Internet traffic through hacker-controlled servers where they can send you to malicious sites, or load malicious code when you visit legitimate sites.
Other routers let the hacker read or delete files on any USB storage attached to the router. If you're using your router as a media server, a hacker could get access to your photos or home movies.
So, what routers are affected this time around? The researchers tested these models:
Observa Telecom AW4062, RTA01N, Home Station BHS-RTA and VH4032N; Comtrend WAP-5813n, CT-5365, AR-5387un and 536+; Sagem LiveBox Pro 2 SP and Fast 1201; Huawei HG553 and HG556a; Amper Xavi 7968, 7968+ and ASL-26555; D-Link DSL-2750B and DIR-600; Belkin F5D7632-4; Linksys WRT54GL; Astoria ARV7510; Netgear CG3100D and Zyxel P 660HW-B1A
Some of these models are only available in other countries, but others like the D-Link, Belkin and Linksys models are available off the shelf in U.S. stores. Others are used by ISPs worldwide.
If you're using any of these routers, you need to take some steps to protect yourself. Be sure to change the default password, and turn off remote access in your router settings. Learn how to adjust your router settings for maximum security.