GhostDNS: 70+ different types of home routers (100,000+) are being hijacked

Discussion in 'Frontpage news' started by Hilbert Hagedoorn, Oct 2, 2018.

  1. Hilbert Hagedoorn

    Hilbert Hagedoorn Don Vito Corleone Staff Member

  2. DeskStar

    DeskStar Maha Guru

    What a day we live in today..... So many hardware/software vulnerabilities out there, it's simply amazing anything is up and running ATM. Anything......

    Just crazy.....!!
     
  3. slyphnier

    slyphnier Master Guru

    Well, ATMs are basically a LAN (enclosed WAN) that only connects to the banking network,
    which separates them from the open internet world.
    That's why they are not affected much by real-world vulnerabilities... even though they probably share the same vulnerabilities.
     
  4. Steppzor

    Steppzor Master Guru

    Think he meant 'At The Moment' xD
     

  5. Brasky

    Brasky Ancient Guru

    Thanks Ron Burgundy! Now I know why you're the most trusted name in San Diego!
     
  6. Mateja

    Mateja Member Guru

    And lo ~ I have a router update! Thanks for the heads up! (even updated just a month ago).

    if anyone needs help do this:

    open file explorer (the folder icon on the taskbar)
    click "network" on the left
    in windows 10, my wifi router appears under "network infrastructure" as "R7000 (Gateway)"
    right click that > "view device webpage"
    if it's Netgear, the user name is admin, and the password is password
    you may see a flag to update firmware at the top of that main page, if not,
    click "advanced" tab > click "administration" on the left > "router update"
    again, you should see update firmware, but if not click "check"
    let it take the time to update and reset your router (no internet for a minute while it resets)

    as for your cable modem, google your device model number. if it's like mine, it says that firmware updates are pushed by your ISP so no worries there :)

    other tips to maximize security:
    - there may be an option to auto update on your router page (expect to be kicked offline sometimes but who knows maybe it's smarter and knows your idle time like windows 10 updates now)
    - keep windows up to date (type 'check for updates' on windows 10 search bar) > click "check now" if they don't appear already
    - keep your pc up to date w/ manufacturer software (for me it's the "Lenovo vantage" windows 10 app. this pc updates its bios etc a lot)
    - use a wired connection directly from your cable modem to your newest PC (a new chipset that's designed to not have spectre and meltdown vulnerabilities etc).
     
    Last edited: Oct 2, 2018
  7. Fox2232

    Fox2232 Ancient Guru

    There is no gain from taking an infected device down. Gain comes from many sources, like:
    - pushing users content the hijacker wants
    - knowing what the victim does
    - having access to their data
    - coordinated blackout when someone pays for it
    - ...
     
  8. Margalus

    Margalus Master Guru

    Maybe some people overlooked the key factor here "change the default password."
     
  9. tsunami231

    tsunami231 Ancient Guru

    Seeing as the DNS on this Sagemcom router I have are locked to Spectrum and can't be changed even by me even if I wanted to, let alone the fact that it hasn't had FW in years, not much I can do with this router I have less. A lot of people really do need to change their default passwords though.
     
  10. sverek

    sverek Ancient Guru

    So it's not an attack on the router from outside, but from inside (client side)?

    From what I understand, the user runs JS on a compromised website, which finds the router IP in the internal network. The browser then accesses the user's router via HTTP and changes its settings?
    Damn, browsers are scary.
     

  11. Tripkebab

    Tripkebab Member Guru

    Makes me happy to A. have an Asus router, B. have Asus Merlin, which is regularly updated FW. Now go give that guy a donation =)
     
  12. DeskStar

    DeskStar Maha Guru

    Makes me feel good that I never was a person to use default garbage settings just because.

    Because if that is why these issues are taking place.....then by all means it is the consumer's fault through and through.

    I am about to buy a newer router, but I think I'll stick out my WNDR4500 for a bit longer until the new....new drops some time next year. Since they're in the mode of changing the standard naming of all routers' "capabilities" on their throughput.

    Maybe something new will come in the way of a hardware mitigation toward any of these types of vulnerabilities of today.... Maybe??
     
    Last edited: Oct 8, 2018
  13. DeskStar

    DeskStar Maha Guru


    Are you serious about your user name and password.....?!?!?
     
  14. DeskStar

    DeskStar Maha Guru


    Buy your own router/modem. You are not locked into using their shtuff at all.
     
  15. tsunami231

    tsunami231 Ancient Guru

    Yah, I know. I want to get the Asus 86U but I have not done so yet. What is probably gonna happen is I'm just gonna use the Asus 66U that's currently being used at the house in NJ though.
     

  16. DeskStar

    DeskStar Maha Guru

    Right on. I'm in the realm of looking also, but want to let this crazy dust settle before buying into these routers that have been on the market for a few years already.

    Trying to hold out, but this N900 is starting to show its lack of throughput at its age.
     
  17. tsunami231

    tsunami231 Ancient Guru

    Yah, this Sagemcom is utter trash. With 1 connection doing something it can do it just fine, but if 2 people are trying to do something other than web browsing, the whole network comes to a crawl. My 66U doesn't have this issue. And seeing as it's really just me using the internet here, replacing the router is low on the list of things to do.
     
