Vulnerable Wi-Fi routers lead to attacks and fake websites
It was recently discovered that millions of ADSL routers were hacked in Brazil to create a large botnet chain. This is an unprecedented move that goes to show that not even our routers are safe from attackers. Many homes and offices use Wi-Fi routers for web access today so it is important to understand the need to keep these devices protected.
Unfortunately, attackers have now come up with innovative methods to infect a router. A compromised router is dangerous because an attacker can direct a victim to fake pages that derive information and convince him to install malicious programs. Moreover, such pages can also contain drive-by downloads or malicious Java applets that can infect a system. Advanced attackers can even make use of spyware and other tools to record keyboard strokes, real-time videos through the webcam, audio recordings through the microphone and other data.
What makes a router vulnerable?
These nefarious incidents occur when an infected router leads to a malicious DNS server. Routers that are vulnerable to such attacks can be remotely accessed from the web and then programmed to direct machines to fake websites.
The primary cause of this vulnerability is that a majority of users do not change the default username and password for routers that they own. They simply use the default entries provided by a manufacturer instead. This username and password is required to access the configuration of the router and it can only be accessed by visiting a unique IP address that the manufacturer provides.
Moreover, security patches and fixes for router vulnerabilities are released very rarely. So if there is a vulnerability present, it takes a long time to resolve. Most users are also unaware about the need to update the firmware in their routers and this prolongs the time period for which a router can be exploited.
Steps to ensure router safety
The following steps need to be adhered to in order to prevent a router from getting hacked:
- The default password provided by the manufacturer must be changed. The way to implement this can be learned from the router user manual or a Google search or a call to the support team.
- If a firmware update for the router is available, it should be installed immediately.
- If a router has a hardware firewall, it should be implemented. This Internet firewall protection can be enabled from the router settings configuration page.
- The WAN ping feature from the configuration page should be disabled. This feature allows hackers to check if a WAN IP address is valid.
- Security encryption like WPA2 or WPA (Wi-Fi Protected Access) must be enabled. This ensures that no party can access a WiFi connection and router without the password.
The best system protection software is essential for complete computer security, but there are certain manual steps that need to be taken as well. Attackers can only infect routers and machines if there is some form of vulnerability for them to exploit and such vulnerabilities can only be found on unpatched machines. It is strongly recommended that you upgrade to Quick Heal 2013 for protection against the latest malware threats and attack methods exploited by attackers.
87 Comments
Thanks rahul for en-lighting the Router vulnerabilities and the need to update the firmware.
Another one more attack technique on network…!!!
thanks, for your fruitful advise- Rahul..
Thanks rahul for en-lighting the Router vulnerabilities and the need to update the firmware
Thnkes ,thankes dear rahul.
thanks for the information
Thanks, Rahul, for this latest threat information. I use a wi-fi modem, and have got my user id and password changed by the service provider. Is that enough? I also use Quick Heal Internet security AV in my system.
Can you also let m know about this anti-logger software available on the net? Does it help, if installed? Something about this will also help.
When you respond, will it be possible to mail a copy to me too?
Thanks.
Hi Naresh,
We cannot comment on this software. It is good that you have changed the user ID and password. Update your antivirus software regularly and your system will remain protected.
Regards.
thanks
Thanks for the Info :-)) …..
thank you for information
i have ADSL Type 2 Router With WiFi
I RECIVE THIS MASAGE DAILY WHAT WILL I DO FOR REMOVE THIS “MALWARE AND FIEWALL” WHAT WILL I DO???PLZ GIVE ME SOME SUGGETION?? HOW CAN I PROTECT MY PC AND NETWORK
Hi Ruchi,
Your PC and network are well protected if you have updated your OS and antivirus software. If you have any further issues regarding your Quick Heal product, please visit this link – https://www.quickheal.com/submitticket.asp. Here you can submit a ticket and our support team will get back to you.
Regards.
Thanks for the info.
Thanks Mr.Rahul sir, how can get firmware update me.please give your advice always.Thanks again.
Hi,
You must check the website of the manufacturer of your router to check for firmware updates. Alternately, you can speak to their support numbers also to know about these updates.
Regards.
One more Security measure is enabling MAC address filtering.
thnx for help
Can you confirm that Quick heal servers are malware proof? And online update must take of that..either Quickheal 2012 or 2013….!!
Hi Rajiv,
Yes the Quick Heal servers are malware proof.
Regards.
Thanks for informing.
Good
thanks for the info …. nice……work ……
please send me the license key of quick hill
very very thanking you
Thanks,,
Hey Rahul I have 27 computer in my office and it’s connected WORKGROUP,and I have WI-Fi Router.. So what is problem?
please mail me!
Hi Abhijit,
Could you be more clear about what the issue is.
Thanks and regards.
Rahul,
Thanks for the information. We appreciate it as it is helpful to millions out there who are not very tech savy. Great work. Keep posting such info for benefit of all.
Thanks for this important News Yesterday i face many problems with Wi-Fi
PLZ THIS PROBELM CLEAN.
Thanks for share information……..
Thanks for this important News Today. i face many problems with Wi-Fi router. thnnx. .
Thnx and best regards
ankit verma
frontier Agencies pvt.ltd.
lucknow.220005
thank sir for inform that us…..please solve this problums….I request you.
Your article on router vulnerability will certainly help the users to take more precautions.
good
Thanks for the imformation Rahul.. another grate security setting is that MAC ADDRESS BINDING ENABLE ON YOUR ROUTER.
Thank you Mr Rahul providing us with valuable information regarding malware.
i need this
I have my PC in my house with Router & I have quickheal software of total security. Should I change User ID & Password.
Rajendra Joshi.
20/10/2012
Hi Rajendra,
Yes it is advisable to change your user ID and password for the router in your scenario.
Regards.
Thank you. Hope of the best
A lot pf thanks the latest threat information
thanxxx 4 tha help
THANK YOU
Thanks for the information
I want to update QHIS 12 but an error occured A dialog box appears that shows ” Unable to complete the download process due to internet disconnected from remote side please check the internet connection ” but the internet is connected i cant understand the problem please solve the issue.
Hi Payal,
Kindly try the update process again. If the same error occurs, you can visit this link to submit a ticket – https://www.quickheal.com/builds.asp. Our support team will get back to you with a solution.
Regards.
Thanks for information,I sure u r realy great person,god bless you.Haji Khurshid Anwer
I received a mail with subject UPS member. But when I open attachment file with mail. My pc suddenly restart and Guardian antivarus give me massage that my saystem atack with virus and theft data online. I immedaitly log off my system and load the fresh window and load Quick Heal antivirus . plz suggest what happen now .
Hi Rajiv,
You should not open the attachments on such emails. It seems that your machine has been infected with some malware. Please run a full system scam with your Quick Heal product. Or visit this link – https://www.quickheal.com/builds.asp.
Regards.
i am running a site through my thru wamp server… should i change the id pass?
i have quick heal total security installed
Hi Yogesh,
You can change the password as a preventive measure if you feel that you are susceptible to attacks like this.
Regards.
think if some one crack our password then how we will come to know
Hi Rishabh,
It is very hard to find out if someone has discovered a password or not. The best thing to do when in doubt, is to change the password immediately.
Regards.
Hi Rahul,
Thank you for details & preventive care suggested regarding Wi-fi Routers. At present we are using Quick Heal Total Security 13.00 on our system & are using Zyxel Wi-fi Router. I think we are victims of the issue. We are facing similar problems as discussed by you.
We are directed to different websites & also, display of web pages of certain websites takes long time. Some websites ask us to login again & again. We did not faced such problems earlier. Our Internet Connectivity is excellent.
Also, We are located in Nashik & We have observed on Internet
(i.e google & Facebook )our Location is displayed as Aurangabad.
during day i.e between 9AM to 8.30 PM & it displays Nasik at night i.e 8.30 PM to 9AM.
We will be obliged if you suggest extra preventive actions also.
Regards,
Nikhil G.
Hi Nikhil,
If this attack has occurred on your router, it is a very serious issue. You need to take corrective steps immediately. We recommend that you visit our support page and submit a ticket – https://www.quickheal.com/submitticket.asp. Our support team will get back to you. You can also call our support team for further analysis. You should also update the firmware of your router immediately.
All the best.
thnx rahul
thanks
Rahul sir,, i think someone is trying to hack my computer, i used quick heal total security. can it protect my laptop from these type of hackers or i should have to change my antivirus software, please give me some suitable direction in my mail as soon as possible.
Thanks
Raaj computers
dhanbad-826004
Jharkhand
Hi Raaj,
Quick Heal Total Security will keep your machine protected from hackers and other attacks. If you need further help you can visit this link and our support team will get back to you – https://www.quickheal.com/submitticket.asp.
Regards.
thanks for giving me a valuable information.i have also got problem in my pc
thanx for information help
Thanks for informing about this….!!
Thanks for informing about these viruses…..
hello,
I have a probel with blue screen and dump memory problem…Blue screen appears and it says that it is due to caching.Please provide solution with this problem..
Hi,
Kindly visit this link – https://www.quickheal.com/submitticket.asp. You can submit details about your problem here and our support team will get back to you.
Regards.
hey
we have problem with blue screen and dump memory..
There is a problem of Caching..
Please provide solution for it.
thanks for information
thnks 4 new trick
thnaks rahul sir ….
Now i want to introduce a new problem which is happening in my laptop. while watching movie in laptop , the screen is automatic looks like scratching type. Is it problem of virus affected or other ??????? my laptop is of Dell compay model number INSPIRON 15R . when i reached the shop where i bought my laptop and told him about the problem then he adviced me that it is due to software ,we cant help you anytype .he told me that we only give the warranty of hardware not for software. Now what should i do rahul sir,, please tell me ??????????????????/
Hi Raaj,
The chances that this is happening due to software are very low. Check if the screen has physical signs of damage. If not, use a different program to watch movies. Or view a different video file, maybe the file you saw was corrupted.
Regards.
Thank you, for informing, I’ll be more careful about that !!
how can i change my default password provided my manufacturer to my com from vulnerablre wi-fi router?????
Hi Anshu,
If you have a user manual for the router, the steps will be mentioned there. If not, you can visit their website and get the steps. If that does not work, you will need to call their support number.
Regards.
dear sir,
thankyou for
Hello Sir, Please Repeir my Anti Vourous.
Thanks.
Hi Vijay,
Please visit this link to report any issue with your Quick Heal product – https://www.quickheal.com/submitticket.asp. Our support team will then contact you with a solution.
Regards.
Hello Sir, What is Wi-Fi Routers.
Hi Vijay,
Wi-Fi routers are wireless modems that allow your laptop/mobile/other devices to connect to the Internet wirelessly.
Regards.
thanks
Thank you Rahul for awaring Wi-Fi router threat. It is a great tip to protect our system. Again many – many thanks and with regards.
thanks for useful information. I certainly ensure its implementation.
Thanks.
thanks for guiding us on a new threat through Wi-Fi.
Wow. good initiative to alert common man.
thanks dude
After I update the router ………… default username and password is not working ……. help me please
Hi Rohit,
Have you tried contacting the manufacturer of the router? If you need any help from us, kindly contact our support team at 0-927-22-33-000.
You can also raise a query at https://www.quickheal.com/submitticket.asp. Our support team will get back to you to resolve the issue you are facing.
Regards,