UK ISP Had 6 Million Routers Exposed to a DNS Vulnerability for 18 Months

Silviu STAHIE

November 22, 2021

Security researchers have revealed that around 6 million Sky routers were affected by a DNS rebinding vulnerability that, over the past 18 months, would have let attackers take control of any of them.

Internet service providers (ISPs) often offer their own routers to people who subscribe to their services. The problem is that ISPs have to provide proper support for those routers, or customers might keep vulnerable devices in their network.

Routers are all the more important because they usually guard the home network as well, acting as gatekeepers to our kingdoms. A crack in that “wall” is much less than ideal. Whether the exploit has been used in the wild is unclear.

Sky’s routers have been affected until recently by a DNS rebinding vulnerability that could have allowed attackers to remotely take over devices, especially those still using the default credentials. People who connected to the Internet from behind one of those routers could have been tricked into clicking on a link that let remote attackers redirect DNS traffic and eventually take control.

From there, obtaining the Wi-Fi password, enabling DMZ servers, or simply forwarding ports would have been trivial, eventually giving an attacker a legitimate way to enter the network.

“With remote management enabled, the attacker could connect directly to the router’s web application and modify any settings, such as setting up a DMZ server or configuring port forwarding, exposing the internal home network to the internet,” said the Pen Test Partners researchers.

“Affected models: Sky Hub 3, 3.5 and Booster 3 (ER110, ER115, EE120); Sky Hub 2 and Booster 2 (SR102, SB601); Sky Hub (SR101). The Sky Hub 4 and Booster 4 (SR203, SE210) were also affected by the DNS rebinding vulnerability, however, every device comes with a random administrator password, limiting the ease of attack as the password must be brute forced,” they added.

While it’s not uncommon to find vulnerabilities in routers, taking 18 months to fix the issue is not ordinary. The researchers initially gave Sky the regular 90-day window and extended it well past that mark when the pandemic hit.

The initial report came on May 11, 2020, but the ISP had covered only 50% of the user base with a patch by May 2021. The latest messages from the company said that it had updated 99% of the routers by October 2021, 18 months later.
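
A network-side check for the DNS rebinding pattern described above, as an added example that is not from the article or from Pen Test Partners: it scans resolver logs for a public hostname whose answer points at an internal address, and marks the case where the same client first received a public answer for that name. The log format, hostnames, addresses and the local-suffix list are constructed assumptions.

```python
import ipaddress

# Constructed resolver log (not from the article): epoch client qname answer ttl
SAMPLE_LOG = """\
1637570000 192.168.0.23 news.example.org 198.51.100.7 3600
1637570010 192.168.0.23 a1b2.rebind.example.net 203.0.113.50 1
1637570013 192.168.0.23 a1b2.rebind.example.net 192.168.0.1 1
1637570020 192.168.0.40 router.home.arpa 192.168.0.1 300
1637570030 192.168.0.40 portal.example.com 10.0.0.5 60
"""

# Assumption: names under these suffixes are legitimately served inside the LAN.
LOCAL_SUFFIXES = (".home.arpa", ".lan", ".local")

# Ranges a public hostname should not resolve to. Listed explicitly because
# ipaddress.is_private also matches the documentation ranges used above.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "::1/128", "fc00::/7", "fe80::/10")]

def is_internal(ip):
    """True if ip falls in a loopback, link-local or private range."""
    addr = ipaddress.ip_address(ip)  # raises ValueError on bad input
    return any(addr in net for net in INTERNAL_NETS)

def find_rebinding(log_text):
    """Return (qname, client, answer, ttl, reason) for suspicious answers."""
    seen_public = set()  # (client, qname) pairs that already got a public answer
    findings = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed lines
        _ts, client, qname, answer, ttl = parts
        qname = qname.lower().rstrip(".")
        if qname.endswith(LOCAL_SUFFIXES):
            continue  # expected to resolve to LAN addresses
        try:
            internal, ttl = is_internal(answer), int(ttl)
        except ValueError:
            continue  # unparsable address or TTL
        if not internal:
            seen_public.add((client, qname))
            continue
        flipped = (client, qname) in seen_public
        reason = "public-to-internal flip" if flipped else "internal answer"
        findings.append((qname, client, answer, ttl, reason))
    return findings
```

Calling `find_rebinding(SAMPLE_LOG)` flags the name that flips to 192.168.0.1 after a public answer and the public name that resolves straight to 10.0.0.5, while the `.home.arpa` entry is ignored.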
