Industry News

Backdoor Still Hidden in Patch for Wi-Fi Routers

Backdoor Still Hidden in Patch for Wi-Fi Routers The backdoor affecting Sercomm wireless DSL routers has not been fixed, and lays hidden in the latest version of the devices’ firmware to intercept users’ home traffic, according to Ars Technica.

In December 2013, Eloi Vanderbecken discovered hackers could exploit his parents’ Linksys Wi-Fi router to gain administrative rights and manipulate local network resources without admin credentials. The device was listening on an undocumented Internet Protocol port number (32764) which allowed him to execute several commands, including running a script and enabling administrator privileges.

Allegedly, the backdoor required the attacker to be on the local network. The raw Ethernet packets were sent from within the local wireless LAN or from the Internet service provider’s equipment. Vanderbeken later reported some routers could be hijacked via the Internet as well, leaving them vulnerable to remote attacks.

As a result, the systems based on the same Sercomm modem, including home routers from Netgear, Cisco and Diamond, have published an update meant to seal the vulnerability. However, the researcher recently disclosed that the communications flaw persists in the new code. The backdoor can be reactivated through a network packet used by “an old Sercomm update tool.” The packet’s payload is an MD5 hash of the router’s model number (DGN1000).

Once the backdoor is turned back on, it monitors TCP/IP traffic and allows hackers to send commands to the router, including a screenshot of its entire configuration. It also gives access to hardware features such as blinking the router’s lights.

Due to the variety of models and manufacturers, the number of devices affected is unknown. The manufacturers have not issued an official response up to this point.

About the author

Alexandra GHEORGHE

Alexandra started writing about IT at the dawn of the decade - when an iPad was an eye-injury patch, we were minus Google+ and we all had Jobs. She has since wielded her background in PR and marketing communications to translate binary code to colorful stories that have been known to wear out readers' mouse scrolls. Alexandra is also a social media enthusiast who 'likes' only what she likes and LOLs only when she laughs out loud.

1 Comment

Click here to post a comment
  • It is rare for me to uncover something on the web thats as entertaining and intriguing as what you have got here. Your page is sweet, your graphics are great, and whats much more, you use source that are relevant to what youre saying. That you are undoubtedly one in a million, well done! cedekeddekge