A recent report by internet security research firm, Cymru has shockingly revealed that over 0.3 million small office and home routers (SOHOs) around the world have been compromised using man-in-the-middle attacks. The ‘Growing Exploitation of Small Office Routers Creating Serious Risks’ report clearly indicates that routers primarily in Europe and Asia have been compromised by what they term as SOHO pharming.
Specifically, a majority of these lie in countries like Vietnam, India, Italy and Thailand. The routers in the mentioned countries have been affected by changing their DNS settings from their ISP’s default to two UK IP addresses (5.45.75.11 and 5.45.75.36). Routers were affected in two ways. In one, a malicious code was used to target those routers which had their GUI’s accessible from the internet. Secondly, the other target routers were those that were vulnerable to ROM-O attacks, with a majority that ran ZyXEL’s ZynOS falling under the category.
The research team has however still not detected any evidence to suggest the two IP addresses were being used for malicious activities. Meanwhile, Cymru has advised users to check the DNS settings on their routers to make sure that they match the ISP’s DNS.
Paul Balo is the founder of TechBooky and a highly skilled wireless communications professional with a strong background in cloud computing, offering extensive experience in designing, implementing, and managing wireless communication systems.
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.Ok
