Yes, NETGEAR Routers have once again become a victim of DNS Monitoring, potentially affecting 5000 Devices.
This week, we reported about a Vigilante Hacker, who protected users by installing malware on their Wi-Fi routers, forcing them to use a secure password.
Now within few days, a security researcher has discovered a serious vulnerability in Netgear routers that has been publicly exploited by hackers.
The critical flaw could allow hackers to change the Domain Name System (DNS) settings of victims’ routers to the malicious IP address.
A security researcher, named Joe Giron, gave the details of his experience to BBC, saying that he noticed some anonymous activities in his machine and on investigating he learned that:
The admin settings on his personal router have been modified on 28 September.
Specifically, Domain Name System (DNS) settings on his router were changed to a suspicious IP address.
As an outcome of which the hacked router was sending web browsing data to a malicious Internet address.
“Normally I set mine to Google’s [IP address], and it was not that, it was something else,”Giron said. “For two or three days all my DNS traffic was being sent over to them.”
Giron contacted Netgear about the serious issue, to which they replied that the vulnerability discovered their products is ‘serious,’ but “affects fewer than 5,000 devices.“
Further, Giron switched off his router to avoid anymore mishappenings.
Is it Serious Flaw…?
In another statement, Jonathan Wu, senior director of product management at Netgear said, “Is it serious? Yes, it definitely is.”
Mr. Wu meant that for anybody to get access to your machine via a router is initially an access to the network first and then guessing the admin password is required.
Therefore, in Giron’s case, his router settings had been configured in such a way that he has not disabled the security setting that allowed the device to be accessed remotely.
Currently, any patch is not available for the firmware on the affected devices. However, Netgear assures its users that the company will release a patch by October 14 to fix the issue.
Therefore, we would suggest all the Netgear router’s users not to use their devices, until the vulnerability is patched; as you might be one of those 5000.