According to this report on Ars Technica, a presentation due to be shown at the Black Hat security conference at the end of the month will show that many routers are vulnerable to attack by hackers. The attacks would allow traffic to be redirected and intercepted, in addition to giving hackers access to victims’ local networks.
“The title of the presentation, ‘How to Hack Millions of Routers,’ gives a clear indication of the scale of the potential issues. Popular router models from Netgear, Linksys, and Belkin were found to be vulnerable, including models used for Verizon’s FIOS and DSL services, as were widely-used third-party firmwares such as DD-WRT and OpenWrt. About half the routers tested did not appear to be vulnerable.
“The attack uses a technique called DNS rebinding to subvert protections built into web browsers that are intended to restrict what scripts and HTML can do. DNS is the system that maps from human-friendly names—such as ‘www.arstechnica.com’—to computer-friendly IP addresses. DNS allows one name to be mapped to multiple IP addresses, which is an important technique to provide load balancing and fault tolerance, as it allows the load to be spread among several different machines. In a DNS rebinding attack, the attacker controls both a website and the DNS server used to send traffic to the site. Each time a victim visits the website, the DNS server is updated to include the visitor’s IP address as one of the IP addresses used for the site.”