Researchers at Indiana University in the US have warned that home routers are at risk of being compromised by remote hackers.
The malware would allow remote attackers to change the settings on a user’s router, to enable them to steal data and/or cause denial of service attacks.
The researchers have demonstrated the threat using a variety of home routers from different suppliers, and internet security firm Symantec has confirmed the threat using its own tests.
The security opening is down to users not changing the default passwords in their routers when installing them.
While the threat to home routers is real, said the researchers, no actual attacks have so far taken place. Users would also first have to be persuaded to visit a malicious website for any attack to take place.
Details of the threat can be viewed at: http://www.cs.indiana.edu/pub/techreports/TR641.pdf
Comment on this article: firstname.lastname@example.org
David Lacey’s security blog
The latest ideas, best practices, and business issues associated with managing security