Routers With Hidden Backdoors Discovered
Researchers (Mantas Sasnauskas, James Clee and Roni Carta) have discovered malicious backdoors on multiple Chinese-made WiFi routers sold on Walmart, Amazon and eBay. The hidden backdoor on these devices gives an attacker remote code execution capability through a nicely designed GUI built for this purpose.
Researchers declare that the first of these vulnerable routers is a Walmart-exclusive router branded as Jetstream. The second router to have contained the similar vulnerability is announced as the Wavlink router, that is being sold on Amazon and eBay. Wavlink routers have also been detected to contain a malicious script that lists nearby WiFi networks and have the capability to connect them.
As the researcher declare, both the Jetstream and Wavlink routers even have a separate GUI for their backdoors that enable the attackers to run a system command as root. However, the backdoor is also accessible by attackers without a GUI. Through the hidden backdoor, an attacker can discover the username and password for the router by inspecting the JavaScript code in the admin page’s HTML.
What is more, the researchers found evidence that the discovered backdoors are being actively exploited in an attempt to add these devices to a Mirai botnet.
You can watch the video shared by the researchers to learn more about the discovered vulnerabilities on these devices.
You can also read our article How to Secure Your Home WiFi Router in 15 Simple Steps? to learn more about WiFi router security.