Backdoor Account Found in D-Link DIR-620 Routers (bleepingcomputer.com)
Date: 2018-05-23
Catalin Cimpanu, writing for BleepingComputer: Security researchers have found a backdoor account in the firmware of D-Link DIR-620 routers that allows hackers to take over any device reachable via the Internet. Discovered by Kaspersky Lab researchers, this backdoor grants an attacker access to the device's web panel, and there's no way in which device owners can disable this secret account. The only way to protect devices from getting hacked is to avoid having the router expose its admin panel on the WAN interface, and hence, reachable from anywhere on the Internet.
OpenWRT/LEDE is the only solution (Score:2)
This is why I will never buy or recommend any router that cannot be flashed/used with OpenWRT/LEDE.
You're telling them about our backdoors? (Score:2)
Router found on backdoor (Score:2)
At this point, I think it's fair to say that it was a backdoor that also had a router. Indeed I suspect the router was probably found left on the backdoor.
Disable WAN access you say? (Score:4, Insightful)
I don't know how many people actually enable WAN access to begin with. And it's off by default.
But, regardless, that's probably not the major problem. The major problem comes if your own network is compromised, say, by an IoT device. Then it potentially has a password to your router.
That seems to me to be likely a much bigger problem.
Tweaking the router remotely for your elderly parents or other friends is a valid use-case... Yes, you can — and I do — achieve that by ssh-ing into a Unix computer behind the router, and then use a tunnel to talk to the router's LAN interface. But that may be too complex for most people, wouldn't you agree?
Don't buy ANY router that... (Score:3)
Cannot be flashed with third party firmware. I use OpenWRT and DD-WRT and I *refuse* to buy any consumer router that doesn't have at least a porting effort to one of these third party firmware packages.
It's not a perfect solution, but it's one heck of a lot better than just trusting the manufacturer to do the right thing and fix their security issues in a timely manner.
Not the first time (Score:1)
Why would anyone still buy anything from D-Link or e.g. Cisco?
With their stuff, backdoors are not the exception but mandatory feature for every device they sell. 2013, 2016, now.
https://www.theregister.co.uk/... [theregister.co.uk] DIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604+ and TM-G5240, maybe more.
https://thehackernews.com/2016... [thehackernews.com] DWR-932 B
So, sure once maybe it's an error or oversight. But the number of backdoors with pretty much all router manufacturers, from low end cheapo consumer D-Link to usurious Cisco plat
