According to researcher at security firm Incapsula, routers with outdated firmware and default passwords are being targeted by hackers.
The routers that are being targeted all come from US vendor Ubiquiti. The hackers are able to use the default password and user name to access the routers.
Once they have admin access, they are loading the routers with malware such as the MrBlack malware (a.k.a. Trojan.Linux.Spike.A). The hacked routers are being used to launch DDoS attacks.
These vulnerabilities opened up the routers to eavesdropping, man-in-the-middle attacks, cookie hijack, and gave hackers the ability to gain access to other local network devices.
SC Magazine |