Exploit Found In Netgear Routers
Gareth Andrews / 3 years ago
So we’ve all had those periods where we come home and think our stuff has been moved around, you know when you think you’ve put your keys down beside the door and you find them on the sitting room table. Now imagine that you came home and found that some of your technology has had its settings changed, and most worryingly the technology in question is your router, the central point for all your devices to enter the world wide web. Turns out this happened to Joe Giron when he found out that his router had its settings changed on the 28th September.
Joe Giron told the BBC that he had discovered that some settings, not any settings, but the admin settings on his personal router had been changed. After the device was changed it began to send web browsing data to an internet address, clearly for a malicious reason.
The router in question is one of Netgear’s, a known brand all around the world. Netgear has accepted that the vulnerability that Giron was affected by is “serious” but will affect less than 5,000 devices.
The problem is the data that was changed was the domain name server setting, normally set to your web providers or in this case Google’s. The DNS transforms web addresses into formats which computers can understand, most commonly a form of IP address. With control over these settings it’s not only possible to track visited sites but also redirect the user to whichever site you want.
It has been confirmed by Netgear that an update to deal with this issue will be released on the 14th October. Affected users will be prompted to update their firmware if they log into their admin settings or have the Netgear genie app installed on any connected device.
Thank you BBC for the information.