Router Default Passwords Prone To “Drive By Pharming”

Authors of a proof of concept paper called "Drive By Pharming" say that by viewing a malicious web page users can set off changes in a broadband router or wireless access point, making the computer connected to it susceptible to attack.

The paper, authored by researchers Zulfikar Ramzan, from Symantec, and Markus Jakobsson and Sid Stamm of the Indiana University School of Informatics, shows the dangers of not changing a default password in this important part of connecting to the Internet.

The paper shows how through JavaScript, hosted on a malicious web site, an attacker can change a router with a default password, taking it over, and making the DNS lookups go through the attacker’s machine, thus directing the unsuspecting user to any site the attacker wants. The criminal would want to gain something for this, so they would redirect the user to spoofed bank, credit card, or other sites to then steal personal information and quickly put it to misuse. The authors note that this type of attack has serious widespread implications and affects many millions of users worldwide. While the attack is easy to defend against, unwitting wireless users are at risk until it is fixed. The problem can be mitigated by resetting the default passwords within the router or wireless access point..

A co-author of the paper, Markus Jakobsson, who was interviewed by BankInfoSecurity.com, noted users will still click on unfamiliar links in messages, no matter about the identity of the sender. Click here to listen to Jakobsson’s podcast interview with BankInfoSecurity.com: https://www.bankinfosecurity.com/podcasts.php?podcastID=11.

Couple this news with a recent phone survey that reveals about one-third of Internet users in the U.S. have used a wireless connection to surf the Web or check e-mail, and the need to reset default settings and passwords on the routers is acute. The survey by the Pew Internet & American Life Project showed that 34 percent of Internet users have gone online through Wi-Fi service or a cell phone network, including 27 percent who have logged on from somewhere other than their home or workplace. Three-quarters of the people with both a home wireless network and a laptop computer said they now use their laptop in different parts of the house.


About the Author

Linda McGlasson

Linda McGlasson

Managing Editor

Linda McGlasson is a seasoned writer and editor with 20 years of experience in writing for corporations, business publications and newspapers. She has worked in the Financial Services industry for more than 12 years. Most recently Linda headed information security awareness and training and the Computer Incident Response Team for Securities Industry Automation Corporation (SIAC), a subsidiary of the NYSE Group (NYX). As part of her role she developed infosec policy, developed new awareness testing and led the company's incident response team. In the last two years she's been involved with the Financial Services Information Sharing Analysis Center (FS-ISAC), editing its quarterly member newsletter and identifying speakers for member meetings.




Around the Network