Benjamin Juang (ibneko) wrote,
Benjamin Juang

SECURITY ALERT: Got a router? Do you know the password?

If you know the password because you've changed it from the default, you're fine.

Otherwise, there's a new attack - Attackers use Javascript in your browser to change your router settings, so trying to access the banks online will redirect you to their site. There, they can steal your information when you enter it.

The well written analogy is:
I’ll start with a high-level real-world analogy of this attack. Imagine that whenever you wanted to go to your bank, you picked up your phone directory, looked up the bank’s address, and then went there. Our attack shows a simple way that attackers can replace the phone books in your house with one that they created. Now, when you pick up that rogue phone book to get your bank’s address, it’ll actually give you the wrong address. At this wrong address, the attackers will have set up a fake bank that looks just like your bank. When you do business with this fake bank, you’ll give up all your sensitive bank account information. However, you’ll never realize that you were at a fake bank since you trusted the address that you got from what you thought was your legitimate telephone book.
(they also have a nice flash video that provides a graphical idea of how it works.)

No clue what I'm talking about? If you connect to the internet by way of a router (regardless of wired or wireless), you can check by following the following steps:
1. Access your router. Chances are, one of the following links will work:

2. If a username/password thing pops up, good. Try the following:
Username: admin
Password: password

Username: admin
Password: 1234

(username may be "Admin")

Username: admin
Password: empty

Username: empty
Password: admin

3. Now change the password.
Navigate to Maintenance > Set Password. (Netgear support page)

Navigate to Tools, then Admin (D-link support page)

Either click on "Administration", or "Password" (Linksys support page)

Other username/password combinations I've run across are:

If step 2 fails, follow the instructions here to figure out where you need to go.
Tags: security

  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded