A long time has passed since we published our analysis of threats for home network devices. Since then, the situation has significantly changed - alas, not for the better. Back in 2011, we were concerned mainly about the security of SOHO routers, DSL modems and wifi access points. Today, we are talking about the whole Internet-of-Things, which includes every single machine, appliance or gadget that is able to communicate over the Internet.
Let's recall what kind of threats for network devices we were aware of at the end of 2011:
- DNS poisoning, drive-by pharming and SOHO pharming: exploitation of vulnerabilities in a web interface of a router/modem to change its DNS settings in order to redirect users to malicious websites
- UPnP & SNMP based attacks: exploitation of vulnerabilities and implementation issues in widely used protocols in order to get access to the device
- Malicious binaries: Linux-based DDoS (Distributed Denial of Service) tools, especially customized to run on routers; router botnets, capable of conducting a wide range of attacks; worms, infecting routers and spreading through the network
Full Article