• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Computer routers face hijack risk:

N

NamesDontMatter

Joined
Oct 1, 2005
Messages
797 (0.11/day)
System Specs
System Name Current
Processor Core i5 2500k
Motherboard Z77MA-G45
Cooling Cooler Master Tx3
Memory 8gb DDR3 1600Mhz
Video Card(s) Evga GTX 960 4GB GDDR5
Storage (1) SAMSUNG 850 EVO 500GB
Display(s) ASUS PB278Q 27" WQHD 2560x1440 IPS
Case Fractal Core 1000
Audio Device(s) Onboard
Power Supply 430 Watt Corsair
Mouse Logitech g602
Keyboard K70 LUX Mech LB, Red LED, Cherry MX Brown
Software Windows 10 + Hackintosh
Researchers at both Symantec Corp. and the University of Indiana say routers are at risk of highjacking. The research found that router users are succeptable to hijacking of their hardware through malicious code hiding in specially crafted websites that could change settings on the network devices and begin phishing attacks. These attacks are very dangerous to users an example givin by cbc.ca states, "For example, a person could enter the correct address of their bank's website into their web browser but they would be taken to a fake site designed to steal their banking information." The scary thing is that this particular type of attack works on The on all major consumer routers, including routers made by Linksys, Belkin, Netgear and D-Link, but only after a user on that device visited a specially crafted web page for it to work.

View at TechPowerUp Main Site
 
WarEagleAU

WarEagleAU

Bird of Prey
Joined
Jul 9, 2006
Messages
10,812 (1.60/day)
Location
Gurley, AL
System Specs
System Name Pandemic 2020
Processor AMD Ryzen 5 "Gen 2" 2600X
Motherboard AsRock X470 Killer Promontory
Cooling CoolerMaster 240 RGB Master Cooler (Newegg Eggxpert)
Memory 32 GB Geil EVO Portenza DDR4 3200 MHz
Video Card(s) ASUS Radeon RX 580 DirectX 12 DUAL-RX580-O8G 8GB 256-Bit GDDR5 HDCP Ready CrossFireX Support Video C
Storage WD 250 M.2, Corsair P500 M.2, OCZ Trion 500, WD Black 1TB, Assorted others.
Display(s) ASUS MG24UQ Gaming Monitor - 23.6" 4K UHD (3840x2160) , IPS, Adaptive Sync, DisplayWidget
Case Fractal Define R6 C
Audio Device(s) Realtek 5.1 Onboard
Power Supply Corsair RMX 850 Platinum PSU (Newegg Eggxpert)
Mouse Razer Death Adder
Keyboard Corsair K95 Mechanical & Corsair K65 Wired, Wireless, Bluetooth)
Software Windows 10 Pro x64
::cringe:: this isnt good news....
 
X

XooM

New Member
Joined
Oct 17, 2004
Messages
468 (0.06/day)
Location
Close to FrozenCPU.com
System Specs
Processor Athlon 64 3800 x2 Windosr @ 2.65 (and rising)
Motherboard BIOSTAR TForce 550
Cooling Custom Liquid (WMD20RLZT, Swiftech STORM, 2-302 w/ custom shroud, 2x sanyo denki)
Memory Patriot PDC22G5300LLK
Video Card(s) Sapphire x1900GT
Storage 1x maxtor 40gb, 2x hitachi T7K250 160gb drives RAID 0, 1x 160gb Spinpoint
Display(s) 2x 17" CRT (dells; one from 1998, one from 2001) at 1600x1200 each
Case Aspire X-SuperAlien
Audio Device(s) integrated
Power Supply Seasonic S12 600watt
Software WinXP SP2, Folding@Home, Battlefield2, etc
thank God, the FSM, and Tom Cruise for Smoothwall :cool:
 
niko084

niko084

Joined
Dec 5, 2006
Messages
7,704 (1.17/day)
System Specs
System Name Back to Blue
Processor i9 14900k
Motherboard Asrock Z790 Nova
Cooling Corsair H150i Elite
Memory 64GB Corsair Dominator DDR5-6400 @ 6600
Video Card(s) EVGA RTX 3090 Ultra FTW3
Storage 4TB WD 850x NVME, 4TB WD Black, 10TB Seagate Barracuda Pro
Display(s) 1x Samsung Odyssey G7 Neo and 1x Dell u2518d
Case Lian Li o11 DXL w/custom vented front panel
Audio Device(s) Focusrite Saffire PRO 14 -> DBX DriveRack PA+ -> Mackie MR8 and MR10 / Senn PX38X -> SB AE-5 Plus
Power Supply Corsair RM1000i
Mouse Logitech G502x
Keyboard Corsair K95 Platinum
Software Windows 11 x64 Pro
Benchmark Scores 31k multicore Cinebench - CPU limited 125w
Cisco 850 FTW! < Maybe I should get one, they do the trick, and are the cheapest of the group.

I have been highly considering setting up another linux machine to act as a router anyways.
 
P

PyroInc

Joined
Aug 4, 2006
Messages
683 (0.10/day)
System Specs
Processor Intel i7 4790K
Motherboard Asus Maximus VII Impact
Cooling 2x120mm fans, 1x140mm fan, 1x240mm radiator, 1x140mm radiator, XSPC Water Cooling Pump
Memory 16gb Corsair Dominator Series 2400mhz
Video Card(s) XFX R9 295x2
Storage 1x500gb Crucial SSD
Case Corsair 250D
Power Supply Seasonic 1200w Platinum
wouldn't the url be different then. I'd notice something was wrong then
 
N

Namslas90

New Member
Joined
Aug 27, 2006
Messages
4,846 (0.72/day)
Location
Earth
Just another reason why I don't/won't use routers. Multiple ISP's is the way to go!!
 
X

XooM

New Member
Joined
Oct 17, 2004
Messages
468 (0.06/day)
Location
Close to FrozenCPU.com
System Specs
Processor Athlon 64 3800 x2 Windosr @ 2.65 (and rising)
Motherboard BIOSTAR TForce 550
Cooling Custom Liquid (WMD20RLZT, Swiftech STORM, 2-302 w/ custom shroud, 2x sanyo denki)
Memory Patriot PDC22G5300LLK
Video Card(s) Sapphire x1900GT
Storage 1x maxtor 40gb, 2x hitachi T7K250 160gb drives RAID 0, 1x 160gb Spinpoint
Display(s) 2x 17" CRT (dells; one from 1998, one from 2001) at 1600x1200 each
Case Aspire X-SuperAlien
Audio Device(s) integrated
Power Supply Seasonic S12 600watt
Software WinXP SP2, Folding@Home, Battlefield2, etc
PyroInc said:
wouldn't the url be different then. I'd notice something was wrong then
Click to expand...
no. It could spoof your DNS and redirect any normal URL to any page they wanted, all while looking completely legit.
 
S

spectre440

New Member
Joined
Jul 18, 2005
Messages
937 (0.13/day)
Location
Israel
System Specs
Processor Athlon 64 x2 4000+ (65nm Brisbane)
Motherboard Abit AN-M2 (AM2) nForce 630a
Cooling Stock everything (for the time being), 2x120mm fans (intake & exhaust)
Memory 2GB (2x1024) OCZ Platinum PC2-6400 (4-4-4-15, 2T)
Video Card(s) PowerColor ATI HD 2600XT 256mb GDDR4 PCI-e
Storage Hitachi Deskstar 160GB SATA 3.0G/s, External USB2.0 WD 160GB
Display(s) LG 17' LCD (L1753TR)
Case HEC-Compucase 6A, black & grey
Audio Device(s) On-Board 7.1 (realtek)
Power Supply Spire Zeno 650W
Software WinXP Pro SP2 (32-bit, for the time being)
this definantly isnt good...

there are way to protect one's PC against these types of things, but how does one protect ones router?
 
P

Pinchy

Joined
Apr 29, 2006
Messages
5,105 (0.75/day)
Location
Sydney, Australia
System Specs
System Name UltraPC
Processor E8500 Core 2 Duo, 1333Mhz FSB, 3.16Ghz @ 4.5GHz (got into Windows @ 4.75GHz)
Motherboard ASUS P5Q-e
Cooling CPU Cooler - TT V14 Pro, 2x120mm CM Blue LED fans, 1x90mm CM Blue LED fan
Memory G.Skill Pi 4GB (2x2GB) Dual Channel DDR2 PC8000 (1000MHz), 5-5-5-15
Video Card(s) Sapphire HD4850 512mb with ASUS EAH4850 BIOS
Storage 2x 500GB Seagate 7200.12 Raid 0
Display(s) Acer AL1912, 19" LCD screen
Case Thermaltake Soprano Black ATX case
Audio Device(s) Onboard 7.1, Speakers - 5 + Sub + Monitor speakers
Power Supply Thermaltake 850W Toughpower Cable Management - Quad (2x18A and 2x30A) 12V rails
Software Win 7 Pro x64, MSN, CS:Source, etc etc
hmm, i hope SMC isnt affected :p
 
P

Poisonsnak

New Member
Joined
Feb 13, 2005
Messages
362 (0.05/day)
Location
Saskatoon, SK
System Specs
Processor FX-8150
Motherboard Gigabyte 990FXA-UD3
Cooling Thermalright Ultra-120 Extreme lapped & shimmed
Memory Patriot Viper Extreme 8GB DDR3-1866 9-11-9-27 1.65V
Video Card(s) MSI 6950 2GB Twin Frozr II @ 6970 875/1375
Storage Crucial M4 0309 64GB
Display(s) Dell U2410
Case Corsair 650D
Audio Device(s) onboard
Power Supply Corsair AX750
Software Windows [8] Developer Preview
read the rest of the story at the end of the link:

The researchers cited surveys that showed half of home router users use the default password or no password on the device, and 95 per cent allow their web browsers to use JavaScript code.

"This means 47.5 per cent of all home users … are effectively leaving themselves open to another attack — allowing attackers to circumvent all known anti-phishing countermeasures," the researchers wrote.
Click to expand...

These are the same kind of people that don't secure their wireless networks
 
A

Alec§taar

New Member
Joined
May 15, 2006
Messages
4,677 (0.69/day)
Location
Someone who's going to find NewTekie1 and teach hi
System Specs
Processor DualCore AMD Athlon 64x2 4800+ (o/c 2801mhz STABLE (Ketxxx, POGE, Tatty One, ME))
Motherboard ASUS A8N-SLI Premium (PCIe x16, x4, x1)
Cooling PhaseChange Coolermaster CM754/939 (fan/heatsink), Thermalright heatspreaders + fan built on (RAM)
Memory 512mb PC-3200 DDR400 (set DDR-33 for o/c) by Corsair (matched pair, 2x256mb) 200.1/200mhz
Video Card(s) BFG GeForce 7900 GTX OC 512mb GDDR3 ram (o/c manually to 686 core/865 memory) - PhaseChange cooled
Storage Dual "Raptor X" 16mb 10krpm/RAID 0 Promise EX8350 x4 PCIe 128mb & Intel IO chip/CENATEK RocketDrive
Display(s) SONY 19" Trinitron MultiScan 400ps 1600x1200 75hz refresh 32-bit color
Case Antec Super-LanBoy (aluminum baby-tower w/ lower front & upper rear cooling exhaust fans)
Audio Device(s) RealTek AC97 onboard mobo stereo sound (Altec Lansing ACS-45 speakers - 10 yrs. still running!)
Power Supply Antec 500w ATX 2.0 "SmartPower" powersupply
Software Windows Server 2003 SP #1 fully patched, & massively tuned/tweaked to-the-max (plus latest drivers)
NamesDontMatter said:
Researchers at both Symantec Corp. and the University of Indiana say routers are at risk of highjacking. The research found that router users are succeptable to hijacking of their hardware through malicious code hiding in specially crafted websites that could change settings on the network devices and begin phishing attacks. These attacks are very dangerous to users an example givin by cbc.ca states, "For example, a person could enter the correct address of their bank's website into their web browser but they would be taken to a fake site designed to steal their banking information." The scary thing is that this particular type of attack works on The on all major consumer routers, including routers made by Linksys, Belkin, Netgear and D-Link, but only after a user on that device visited a specially crafted web page for it to work.

Source: cbc.ca
Click to expand...

Turn off JAVASCRIPT in your browsers & web based apps that use it...

:)

* This is the reason WHY I do so, OR rather, a part of it... & only use it, where you HAVE to. For INTRANET usage, it's decent stuff... but, for the public internet, it definitely has DOWNSIDES!

APK

P.S.=> Webmasters may not LIKE me doing that, but it is a personal choice - I'd like to keep my system solid & secure as is possible! apk
 
Last edited:
P

Poisonsnak

New Member
Joined
Feb 13, 2005
Messages
362 (0.05/day)
Location
Saskatoon, SK
System Specs
Processor FX-8150
Motherboard Gigabyte 990FXA-UD3
Cooling Thermalright Ultra-120 Extreme lapped & shimmed
Memory Patriot Viper Extreme 8GB DDR3-1866 9-11-9-27 1.65V
Video Card(s) MSI 6950 2GB Twin Frozr II @ 6970 875/1375
Storage Crucial M4 0309 64GB
Display(s) Dell U2410
Case Corsair 650D
Audio Device(s) onboard
Power Supply Corsair AX750
Software Windows [8] Developer Preview
Well I was more concerned with those who leave the default password on their router but hey I've never liked javascript either.
 
Scavar

Scavar

New Member
Joined
Aug 29, 2006
Messages
573 (0.09/day)
Location
Ft Lauderdale, FL
System Specs
System Name ScarredWolf(Desktop), MBlackWolf(Laptop)
Processor E6600(Desktop), T7300(Laptop)
Motherboard EVGA 680i(Desktop), IFL90(Laptop)
Cooling Akasa EVO 120(Desktop), No idea(Laptop)
Memory G Skill PI 8GB 4x2gb(Desktop), G Skill 3GB 1GB/2GB(Laptop)
Video Card(s) 8800GTS 640mb(Desktop), 8600m GT(Laptop)
Storage 3x250GB 1x500GB(Desktop), 1x320GB(Laptop)
Display(s) Acer AL2216W 22"(Desktop), 15.4"(Laptop)
Case Cosmos 1000(Desktop), PowerPro J 10:15(Laptop)
Audio Device(s) CreativeX-Fi/Z-5500(Desktop), Realtek/No idea(Laptop)
Power Supply PC Power and Cooling Silencer 610w(Desptop), *shrug*(Laptop)
Software Windows Vista Ultimatex64 with tweaks(Both)
Benchmark Scores I'm too lazy to benchmark anything.
After reading this, I decided I would finally turn Javascript off.

My dad is pretty insane when it comes to routers. Who the hell uses the default password? Isn't it like admin for all of them? I mean come on....
 
P

Pinchy

Joined
Apr 29, 2006
Messages
5,105 (0.75/day)
Location
Sydney, Australia
System Specs
System Name UltraPC
Processor E8500 Core 2 Duo, 1333Mhz FSB, 3.16Ghz @ 4.5GHz (got into Windows @ 4.75GHz)
Motherboard ASUS P5Q-e
Cooling CPU Cooler - TT V14 Pro, 2x120mm CM Blue LED fans, 1x90mm CM Blue LED fan
Memory G.Skill Pi 4GB (2x2GB) Dual Channel DDR2 PC8000 (1000MHz), 5-5-5-15
Video Card(s) Sapphire HD4850 512mb with ASUS EAH4850 BIOS
Storage 2x 500GB Seagate 7200.12 Raid 0
Display(s) Acer AL1912, 19" LCD screen
Case Thermaltake Soprano Black ATX case
Audio Device(s) Onboard 7.1, Speakers - 5 + Sub + Monitor speakers
Power Supply Thermaltake 850W Toughpower Cable Management - Quad (2x18A and 2x30A) 12V rails
Software Win 7 Pro x64, MSN, CS:Source, etc etc
Poisonsnak said:
read the rest of the story at the end of the link:



These are the same kind of people that don't secure their wireless networks
Click to expand...

lol who doesnt use a password :p
 
E

ex_reven

New Member
Joined
Sep 4, 2006
Messages
5,217 (0.78/day)
System Specs
My router password is set to default :p
i could never really be bothered to change it :roll:

i would of course do so if i was visiting less than ideal websites, but i havnt ventured away from hotmail, tpu, myspace and wikipedia on this computer in the few months ive had it.

il change it later ;)
 
P

Pinchy

Joined
Apr 29, 2006
Messages
5,105 (0.75/day)
Location
Sydney, Australia
System Specs
System Name UltraPC
Processor E8500 Core 2 Duo, 1333Mhz FSB, 3.16Ghz @ 4.5GHz (got into Windows @ 4.75GHz)
Motherboard ASUS P5Q-e
Cooling CPU Cooler - TT V14 Pro, 2x120mm CM Blue LED fans, 1x90mm CM Blue LED fan
Memory G.Skill Pi 4GB (2x2GB) Dual Channel DDR2 PC8000 (1000MHz), 5-5-5-15
Video Card(s) Sapphire HD4850 512mb with ASUS EAH4850 BIOS
Storage 2x 500GB Seagate 7200.12 Raid 0
Display(s) Acer AL1912, 19" LCD screen
Case Thermaltake Soprano Black ATX case
Audio Device(s) Onboard 7.1, Speakers - 5 + Sub + Monitor speakers
Power Supply Thermaltake 850W Toughpower Cable Management - Quad (2x18A and 2x30A) 12V rails
Software Win 7 Pro x64, MSN, CS:Source, etc etc
you log onto your internet banking :p!

dont mind me if i sit out the front of your house with my bro's laptop :D
 
P

Pinchy

Joined
Apr 29, 2006
Messages
5,105 (0.75/day)
Location
Sydney, Australia
System Specs
System Name UltraPC
Processor E8500 Core 2 Duo, 1333Mhz FSB, 3.16Ghz @ 4.5GHz (got into Windows @ 4.75GHz)
Motherboard ASUS P5Q-e
Cooling CPU Cooler - TT V14 Pro, 2x120mm CM Blue LED fans, 1x90mm CM Blue LED fan
Memory G.Skill Pi 4GB (2x2GB) Dual Channel DDR2 PC8000 (1000MHz), 5-5-5-15
Video Card(s) Sapphire HD4850 512mb with ASUS EAH4850 BIOS
Storage 2x 500GB Seagate 7200.12 Raid 0
Display(s) Acer AL1912, 19" LCD screen
Case Thermaltake Soprano Black ATX case
Audio Device(s) Onboard 7.1, Speakers - 5 + Sub + Monitor speakers
Power Supply Thermaltake 850W Toughpower Cable Management - Quad (2x18A and 2x30A) 12V rails
Software Win 7 Pro x64, MSN, CS:Source, etc etc
make a bet :D?

I already know your router password :p
 
P

Pinchy

Joined
Apr 29, 2006
Messages
5,105 (0.75/day)
Location
Sydney, Australia
System Specs
System Name UltraPC
Processor E8500 Core 2 Duo, 1333Mhz FSB, 3.16Ghz @ 4.5GHz (got into Windows @ 4.75GHz)
Motherboard ASUS P5Q-e
Cooling CPU Cooler - TT V14 Pro, 2x120mm CM Blue LED fans, 1x90mm CM Blue LED fan
Memory G.Skill Pi 4GB (2x2GB) Dual Channel DDR2 PC8000 (1000MHz), 5-5-5-15
Video Card(s) Sapphire HD4850 512mb with ASUS EAH4850 BIOS
Storage 2x 500GB Seagate 7200.12 Raid 0
Display(s) Acer AL1912, 19" LCD screen
Case Thermaltake Soprano Black ATX case
Audio Device(s) Onboard 7.1, Speakers - 5 + Sub + Monitor speakers
Power Supply Thermaltake 850W Toughpower Cable Management - Quad (2x18A and 2x30A) 12V rails
Software Win 7 Pro x64, MSN, CS:Source, etc etc
Moral of the story, change ur password
 
P

Pinchy

Joined
Apr 29, 2006
Messages
5,105 (0.75/day)
Location
Sydney, Australia
System Specs
System Name UltraPC
Processor E8500 Core 2 Duo, 1333Mhz FSB, 3.16Ghz @ 4.5GHz (got into Windows @ 4.75GHz)
Motherboard ASUS P5Q-e
Cooling CPU Cooler - TT V14 Pro, 2x120mm CM Blue LED fans, 1x90mm CM Blue LED fan
Memory G.Skill Pi 4GB (2x2GB) Dual Channel DDR2 PC8000 (1000MHz), 5-5-5-15
Video Card(s) Sapphire HD4850 512mb with ASUS EAH4850 BIOS
Storage 2x 500GB Seagate 7200.12 Raid 0
Display(s) Acer AL1912, 19" LCD screen
Case Thermaltake Soprano Black ATX case
Audio Device(s) Onboard 7.1, Speakers - 5 + Sub + Monitor speakers
Power Supply Thermaltake 850W Toughpower Cable Management - Quad (2x18A and 2x30A) 12V rails
Software Win 7 Pro x64, MSN, CS:Source, etc etc
no, now i cant wipe your bank account :p
 
xylomn

xylomn

Joined
May 13, 2006
Messages
654 (0.10/day)
Location
Newcastle upon Tyne
System Specs
Processor AMD Ryzen 5900X
Motherboard MSI MAG B550M Mortar WiFi
Cooling Corsair H100i RGB Platinum SE 240mm
Memory 32GB Corsair Dominator Platinum RGB 3600MHz
Video Card(s) Sapphire Vega 64 8GB
Storage Sabrent Rocket 4.0 1TB / ADATA SX8200 Pro 1TB / Crucial MX500 1TB
Display(s) Dell U2715
Case Corsair 280X
Power Supply Corsair RM850x
Mouse Razer DeathAdder Chroma
Keyboard Ducky One2 Horizon
Software Windows 10 Professional
Benchmark Scores Cinemark r23 Multicore: 22280
Just use firefox with the NoScript extension... then you can enable javascript for the sites you need and leave it off for everything else... works a treat :)
 
You must log in or register to reply here.
Top