Hackers are Targeting Routers

Usually hackers are just content to mess up our lives by infiltrating a network and disrupting business. Typically, they find their way into our networks or computers to do their trickery. Recently they’ve decided to change things up by taking over a home or business’s router, the veritable heart of any home’s our business’s wired or wireless network. They’re having success at hacking routers because they happen to know which models of select router brands have vulnerabilities that can be exploited. And hackers are not shy about exploiting those weak spots. So, it’s very important for you to be aware of the latest developments so you might be able to avoid the danger. In short, you should learn about your router’s security features and investigate whether your router’s firmware (internal software) needs a security update. You should also find out what the password is for updating and managing your router. Yes…there is one, and few people know about it. This is what hackers are counting on. This unusual hacker attack has a few twists and turns, so you may want to visit our Learning Center to fill in any knowledge gaps you might come across, which features easy-to-read articles on routers, DNS, and several other terms touched upon in this article. The goal of this hack is for hackers to steal valuable ad traffic from large web ad agencies with names like Propellerads, Pop cash and Taboola, and redirect it instead to sites called Fogzy and TrafficBroker. It’s large scale ad theft. Online advertisers who pay for services to post an ad get swindled when hackers step in and steal their traffic. And to pull off the online heist, hackers are using you and your router. Without you being aware of it. This manipulation is being called a DNS Changer attack vector . (DNS stands for Domain Name System, a networking/Internet process that takes you to websites you want to visit.) The hackers place a small but disruptive piece of malicious software inside your router. It happens in two primary stages, both involving you clicking on images or ads: The ads/images in the first stage of the DNSChanger exploit are there to look at IP addresses, casting a net to see if it fits into the group of potential router targets. Security experts say that the first round of malicious ads are hosted in waves for a few days at a time, on legitimate ad networks, and displayed on ordinary, and otherwise safe websites. If this first phase identifies a target router, the attack continues. The router is redirected to a webpage and this time, when a certain image is clicked on by the unsuspecting user, malware is unleashed into the router to exploit weak security. And if you and your router fit a specific profile, you’re in danger. The malware that’s on the deceptive websites hoping for one of two situations: According to security information websites, hackers and attackers are zeroing in on 165 router models that are vulnerable routers—vulnerable because the manufacturer has not updated the routers’ internal “firmware” or made it more secure. Hackers keep up to date on this type of news and share it with other hackers. Somewhere online there’s likely a comprehensive list of all the makes and models; most sites will say that D-Link DSL-2740R, Netgear WNDR3400v3 (plus related models), and Netgear R6200 can all be susceptible to attack. (Apple’s routers, so far, haven’t been exploited with the DNSChanger attack). With all that’s going on today, DNS Changer and beyond, maybe this is a good time to research your router and find out if it’s vulnerable…before the hackers do