Tag Archive for: DLink

D-Link routers are under attack from hackers


Your router is the key to home internet. All other devices must connect to the router for Wi-Fi, which is why you must ensure all security protocols are in place. Hackers who breach your router can cause serious problems. Tap or click here for five reasons to replace your router.

The gateway to valuable information is a lucrative prospect for any cybercriminal, and a group is now using a new malware variant to conduct their crimes.

Read on to see how this malware works and how to protect your router.

Here’s the backstory

Last year, security researchers at Fortinet found malware in Hikvision security cameras. Hackers used Mirai malware to launch strategically distributed denial of service (DDoS) attacks. These attacks flood a network, crippling it under the pressure of multiple data requests.

However, the malware has gone through an update, and researchers at Palo Alto Network’s Unit 42 spotted the latest version at work. A blog post explains that the MooBot variant specifically targets D-Link routers and exploits these vulnerabilities:

  • HNAP SOAPAction Header Command Execution Vulnerability.
  • SOAP Interface Remote Code Execution Vulnerability.
  • Remote Command Execution Vulnerability (two versions).

The end goal of the hackers is the same as before, trying to incorporate as many routers into a massive DDoS attack. While the criminals aren’t necessarily after your private data, it can give them a glimpse into valuable information.

What you can do about it

Unit 42 alerted D-Link to the flaws through the responsible disclosure of vulnerabilities. As a result, the company has rolled out several security patches to correct the mistakes, but some users might still have unpatched routers.

D-Link router flaws include:

  • D-Link Wireless N Home Router with SmartBeam technology (DIR-645).
  • Wireless AC1900 Dual-Band Gigabit Cloud Router (DIR-880L).
  • D-Link Wireless AC1200 Dual-Band Gigabit Cloud Router (DIR-860L).
  • Wireless AC1000 Home Cloud Dual-Band Broadband Router (DIR-820L).
  • D-Link Wireless AC750 Dual-Band Cloud Router (DIR-816L).

If you…

Source…

Hacker group has been hijacking DNS traffic on D-Link routers for three months – ZDNet

Hacker group has been hijacking DNS traffic on D-Link routers for three months  ZDNet

Other router models have also been targeted, such as ARG, DSLink, Secutech, and TOTOLINK.

“HTTPS hijacking” – read more

Unpatched D-Link routers targeted in malicious DNS hijacking campaign

Unpatched D-Link routers targeted in malicious DNS hijacking campaign

Cybercriminals have been hacking into home routers for the last three months, meddling with DNS settings to redirect users surfing the web towards malicious websites.

Read more in my article on the Bitdefender BOX blog.

Graham Cluley