More than 300,000 routers in homes and small businesses hacked

A security research outfit has released a report which revealed that more than 300,000 routers in homes and small businesses have been hacked.

Team Cymru, the US-based security outfit which published the report, said that the network of hacked routers is one of the biggest of its kind that has been discovered, with most of the hacked routers in Columbia, India, Italy, Thailand, and Vietnam.

Most of the hacked routers have the following common features: Owners who didn’t know how to configure their routers, insecure default settings (factory-default passwords was not an issue), backdoors in firmware, firmware version vulnerable to a known Cross-Site Request Forgery CSRF) technique, and graphical user interfaces accessible from the Internet.

The hacked router had their DNS settings modified, which is just as bad (maybe worse) than having the end-point computers themselves hacked. This image shows a heatmap distribution of the 300, 000 hacked routers.
Team Cymru 300,000 Hacked Routers

In this particular network of hacked routers, I don’t think it would have made any difference if the computers behind those routers have host-based security tools installed. But it certainly wouldn’t hurt to have the best security tools that you can get installed on your computer(s). The problem with Internet routers is that, for most users, they are an install-it-and-forget-it-device. I think asking users to reset their Internet routers often might not be such a bad idea.

Details about the 300,000 hacked routers are available in this PDF file.

Related Posts

Mozilla caves in to industry forces behind DRM-in-HTML standard Here's the latest from the Electronic Frontier Foundation on the battle to keep DRM (Digital Restrictions Management) out of the Web. This is case of ...
ownCloud 6 released. Now has conflict-handling, file previews and undelete ownCloud 6 has been released. ownCloud is a Free Software/Open Source Web application that can be used to provide a near-complete Cloud data stor...
European Parliament starts free software user group One member of the European Parliament and a handful of their advisors and assistants started a free software group last Saturday, aiming to increase t...
A Logstash Tutorial: How to Get Started Editor: The ELK stack is made up of three applications - Elasticsearch, Logstash, and Kibana. This article is about the "L" in the ELK stack. A gr...
Lenovo’s table PC and its Aura UI are worth more than a second look The smartphone and tablet computer fundamentally changed how the masses use computers (yep, the smartphone is a computer). They are the great success ...
Your server is up for sale on xDedic, for as little as $6 An interesting article from Kaspersky Lab. Should get you to sit upright - if you own a server. Kaspersky Lab researchers have investigated a globa...

We Recommend These Vendors and Free Offers

ContainerizeThis 2016 is a free, 2-day conference for all things containers and big data. Featured, will be presentations and free, hands-on workshops. Learn more at

Launch an SSD VPS in Europe, USA, Asia & Australia on Vultr's KVM-based Cloud platform starting at $5:00/month (15 GB SSD, 768 MB of RAM).

Deploy an SSD Cloud server in 55 seconds on DigitalOcean. Built for developers and starting at $5:00/month (20 GB SSD, 512 MB of RAM).

Want to become an expert ethical hacker and penetration tester? Request your free video training course of Online Penetration Testing and Ethical Hacking

Whether you're new to Linux or are a Linux guru, you can learn a lot more about the Linux kernel by requesting your free ebook of Linux Kernel In A Nutshell.

Leave a Comment

Your email address will not be published. Required fields are marked *