This is how routers use to install malware and steal data from your devices

Routers are the devices that establish the Wi-Fi connection within the home. Their role is so important that many attackers use them as a “Trojan horse” to gain access to a private network. According to the analysis carried out by Kaspersky, in 2021 more than 500 vulnerabilities, including 87 critical.

Users rarely think about the security of their devices: according to the survey, 73% never considered upgrade or secure your router, making it one of the biggest everyday threats.

A router is the hub of the entire home network, as all connections in a home enter through this device. By infecting it, the attackers gain access to the network, through which data packets are transmitted.

In this way, they can install malware on connected computers to steal sensitive data, private photos, or business files, possibly causing irreparable harm to the victim.

Through the infected device, the attacker can also redirect users to phishing pages that masquerade as frequently used webmail or online banking sites.

Any information you enter on these pages, whether it is email username and password or bank card information, will immediately fall into the hands of scammers.

“Technology is rapidly intruding into our lives, but cybersecurity is not advancing at the same rate. Many employees have been working from home for the last two years, but the security of routers has not improved during this time, as they are rarely updated,” says Maria Namestnikova, head of the global Russia research and analysis team at Kaspersky.

Routers: how to avoid “Trojan horse” attacks

The number of attacks grows exponentially every year. Kaspersky font. The number of attacks grows exponentially every year. Kaspersky font.

Since 2010, the number of vulnerabilities has increased. In 2020, there were 603, three times more than the previous year. In 2021, it remained at 506 although 87 were critical.

Critical vulnerabilities are the most unprotected “holes” through which an attacker can penetrate a network, both home and corporate. They can allow the attacker to bypass authentication, send remote commands to a router or even disable it.

By doing so, operators can steal any data or files transmitted over an infected network, be it personal photos, private information, or even business contracts sent via email.

“The important thing is to prevent a threat as soon as possible, because people usually find out about an attack too late, after their money has been stolen,” says Namestnikova.

Although researchers are now raising awareness of many more vulnerabilities found than ever before, routers are still one of the most insecure devices.

One reason is that not all manufacturers are quick to eliminate the dangers. Nearly a third of critical vulnerabilities discovered in 2021 remain unanswered from vendors, meaning no patches or advisory comments have been issued for them.

Another 26% of those vulnerabilities received only one comment from the company, which in most cases includes recommendations to contact technical support.

By Editor

Leave a Reply