[dba-Tech] D-Link routers compromised?

Tydda Jon - Lonza Slough jon.tydda at lonza.com
Mon Oct 14 10:55:08 CDT 2013


http://www.bbc.co.uk/news/technology-24519307#


Backdoor found in D-Link home routers
An easy-to-exploit backdoor has been found in seven different models of domestic routers made by D-Link and Planex.
The backdoor, if used, would let an attacker take complete control of a router or modem and spy on a home's browsing activity.
D-Link has acknowledged the existence of the backdoor and said a fix would be available by the end of October.
So far, the backdoor does not seem to have been exploited "in the wild".
The backdoor was discovered by security researcher Craig Heffner, who reverse-engineered the software used to control a D-Link DIR-100 router. Deep analysis of the code revealed a string of letters that, if used in the right way, unlocked remote access to the gadget.
Writing about his findings on his blog <http://www.itworld.com/data-protection/378427/backdoor-found-d-link-router-firmware-code>, Mr Heffner speculated that the password string was included to make it easier for D-Link to remotely update some of its products.
The same string has been found to work on seven D-Link routers (DIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604+ and the TM-G5240) and two from Planex (BRL-04UR and BRL-04CW).
Many thousands of people are believed to have bought the routers before they were revealed to be vulnerable.
In a statement <http://www.dlink.com/uk/en/support/security>, D-Link said it was working with Mr Heffner and other security researchers to find out more about the backdoor. And it was also conducting a review of its other products to see if it was present in other models.
It added that it would soon produce an update for the software that keeps the routers running, known as firmware, that would close the backdoor. The company urged users to be vigilant and to disable remote access to their router if it was not needed.
Planex has yet to issue a statement about its products.


Jon


