Wi-Fi cred-baring vuln lets attackers take full control.
A Wi-Fi security flaw leaves Virgin Media subscribers' wireless connections vulnerable to takeover by hackers.
The vulnerability, identified by IT consultant Paul Moore, means Virgin Media Superhub router/modem combo devices leak users' passwords every time they reboot. The issue arises because the Netgear-manufactured device brings up the Wi-Fi card without any form of encryption.
"After the seven second window, the router takes the Wi-Fi card offline, enables encryption and brings the card back up," Moore explains. "That’d be great, if we hadn’t already broadcast the encryption key to everyone nearby.”
Moore added:
That’s akin to reading your password aloud while you change it.
Moore warns that hackers can take advantage of the vulnerability by forcing a device within range to reboot before snaffling the password. He wrote a proof-of-concept script that could automate this task while acting as a worm going from one router to another.
Successful exploitation of the trick, which is far from reliable, would allow miscreants to get up to all sorts of mischief, such as redirecting surfers from genuine websites to fraudulent versions in order to browse the hard drives of victims on the compromised networks. Hackers could even use a compromised connection to access illegal material in someone else's name.
Full Article
Got a Netgear router from Virgin Media? Change your admin password NOW
Userlevel 7
+54
Userlevel 7
Hi Jasper
Thanks for finding and posting that one...I wonder if it applies to all Netgear routers or just the Vigin Super Hub model. I would hope not but then why would Netgear do something different for one model of router when compared to the others? I hope that this is qualified soon as if the worst case is true then there are a awful lot of vulnerable WiFi networs out there, even if encypted...GULP :S
Regards, Baldrick
Thanks for finding and posting that one...I wonder if it applies to all Netgear routers or just the Vigin Super Hub model. I would hope not but then why would Netgear do something different for one model of router when compared to the others? I hope that this is qualified soon as if the worst case is true then there are a awful lot of vulnerable WiFi networs out there, even if encypted...GULP :S
Regards, Baldrick
Userlevel 7
The following article is a update:
*************************************
Virgin Media has failed to upgrade weak encryption software that it uses for sensitive parts of the telco's website, despite complaints from customers who claim to have repeatedly flagged up security concerns to the firm.
In parallel with the gripes, Mozilla – which recently told netizens that it planned to end support for the RC4 stream cipher used by VM – has an open tracking bug about the cable company's site.
Elsewhere, Google's browser Chrome has also been spitting out security warnings about various Virgin Media pages (such as https://identity.virginmedia.com) because the connection has to first be retired to use an older version of the TLS (transport layer security) protocol.
http://regmedia.co.uk/2015/03/30/virgin_media_rc4.jpg But Virgin Media has yet to upgrade its service, even though it first heard about the potential security headache late last year. A spokesman at the company told The Register:
*************************************
Virgin Media takes its time on website crypto upgrade.
30 Mar 2015 at 13:11, Kelly FiveashVirgin Media has failed to upgrade weak encryption software that it uses for sensitive parts of the telco's website, despite complaints from customers who claim to have repeatedly flagged up security concerns to the firm.
In parallel with the gripes, Mozilla – which recently told netizens that it planned to end support for the RC4 stream cipher used by VM – has an open tracking bug about the cable company's site.
Elsewhere, Google's browser Chrome has also been spitting out security warnings about various Virgin Media pages (such as https://identity.virginmedia.com) because the connection has to first be retired to use an older version of the TLS (transport layer security) protocol.
http://regmedia.co.uk/2015/03/30/virgin_media_rc4.jpg But Virgin Media has yet to upgrade its service, even though it first heard about the potential security headache late last year. A spokesman at the company told The Register:
Although there are no practical exploits of the algorithm, we have a programme of work which is well underway that will address the issue.
full article
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.