Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Security IT Technology

Walmart-exclusive Router and Others Sold on Amazon and eBay Contain Hidden Backdoors To Control Devices (cybernews.com) 94

Bernard Meyer, reporting for CyberNews: In a collaboration between CyberNews Sr. Information Security Researcher Mantas Sasnauskas and researchers James Clee and Roni Carta, suspicious backdoors have been discovered in a Chinese-made Jetstream router, sold exclusively at Walmart as their new line of "affordable" wifi routers. This backdoor would allow an attacker the ability to remotely control not only the routers, but also any devices connected to that network. CyberNews reached out to Walmart for comment and to understand whether they were aware of the Jetstream backdoor, and what they plan to do to protect their customers. After we sent information about the affected Jetstream device, a Walmart spokesperson informed CyberNews: "Thank you for bringing this to our attention. We are looking into the issue to learn more. The item in question is currently out of stock and we do not have plans to replenish it."

Besides the Walmart-exclusive Jetstream router, the cybersecurity research team also discovered that low-cost Wavlink routers, normally sold on Amazon or eBay, have similar backdoors. The Wavlink routers also contain a script that lists nearby wifi and has the capability to connect to those networks. We have also found evidence that these backdoors are being actively exploited, and there's been an attempt to add the devices to a Mirai botnet. Mirai is malware that infects devices connected to a network, turns them into remotely controlled bots as part of a botnet, and uses them in large-scale attacks. The most famous of these is the 2016 Dyn DNS cyberattack, which brought down major websites like Reddit, Netflix, CNN, GitHub, Twitter, Airbnb and more.

This discussion has been archived. No new comments can be posted.

Walmart-exclusive Router and Others Sold on Amazon and eBay Contain Hidden Backdoors To Control Devices

Comments Filter:
  • by Joe_Dragon ( 2206452 ) on Monday November 23, 2020 @02:30PM (#60758216)

    China-Mart is selling tech with Chinese backdoor!
    Well this what you get when you don't make stuff in the usa any more.

    • by bws111 ( 1216812 ) on Monday November 23, 2020 @02:35PM (#60758234)

      The USA makes loads of 'stuff'. Just not the kind of 'stuff' you find in Walmart.

    • by jovius ( 974690 ) on Monday November 23, 2020 @02:41PM (#60758246)

      American backdoors, fuck yeah!

    • by mspohr ( 589790 )

      We want 'merican stuff with 'merican back doors so ATT, NSA, etc. can monitor us!

    • Where is the FCC when you need them, and Class Action lawyers forcing an expensive consumer product recall. Not fit for purpose, hidden and latent defects may work in some consumer friendly states. Where is the password/password admin/admin nonsense going to be stopped. And Cisco beat all others and had undeclared userids at multiple levels. Every branded router and mobile has backdoors, I suppose there might be an exception or two. Now back to a repressive regime country - no not China but Australia. Ever
    • China-Mart is selling tech with Chinese backdoor! Well this what you get when you don't make stuff in the usa any more.

      So, lets see, A Chinese collaborator does not have to do his dirty deeds remotely. He could be an American, Britisher, Canadian, someone, who makes some $$$ to get the backdoor malware into the eprom software or other malleable storage devices. Furthermore, once installed, it will spread. The only way to have some security is to have source code delivered. We visibly scan the source code, sign it as "clean", and compile it to meet the instruction set of the host computer. We use certified compilers, not l

  • by Krishnoid ( 984597 ) on Monday November 23, 2020 @02:46PM (#60758262) Journal

    "Thank you for bringing this to our attention. We are looking into the issue to learn more. The item in question is currently out of stock and we do not have plans to replenish it."

    After exfiltrating all the data they were interested in, they exfiltrated themselves. Standard operating procedure for spies. Or maybe they camouflaged themselves as toilet paper on sale and people bought them out.

  • Let's get it done (Score:5, Insightful)

    by AndyKron ( 937105 ) on Monday November 23, 2020 @02:49PM (#60758272)
    We're almost forcing ourselves to be open source
  • by hawk ( 1151 ) <hawk@eyry.org> on Monday November 23, 2020 @02:55PM (#60758296) Journal

    Let's be serious.

    That a bulk market ChiCom router has back doors is a *given*.

    You don't "discover" that it has them; you either succeed or fail at finding them . . .

    hawk

    • And when you fail, you admit you fucked up and lied
    • I would be highly suirprised to learn those are ACTUAL backdoor, e.g. intentional access left with malicious intent- What is far more probable, and happenned for a lot of router over the last decades, is that those are admin/dev or even debugging access which were left in by cheapo development company, as it happenned so many time in the past. But since this is China rather than call it poor dev practice and cheapo dev, they call it backdoor.
  • by theshowmecanuck ( 703852 ) on Monday November 23, 2020 @03:09PM (#60758352) Journal
    Bill Clinton gave China most favoured trading nation status after he said he wouldn't (to get elected) very likely at the behest of his biggest backers. That is, fellow Arkansans, the Waltons. A.K.A. the owners of Walmart. If Walmart were a country, it would be the largest importer of Chinese goods in the world, next to America. Incidentally, Hillary Clinton worked as a Walmart corporate lawyer at one point, and sat on the Board of Directors. And when she ran for president she said (paraphrased), "my husband will be one of my closest finance policy advisors." So blame Walmart and the Clintons for a lot more than shitty routers. And fuck Walmart for them, too. FWIW, even Bernie Sanders wants to curb how much the west deals with China.
    • by youngone ( 975102 ) on Monday November 23, 2020 @03:31PM (#60758462)
      You do realise that Bill Clinton hasn't been the president since 2001 don't you?
      Hilary hasn't been anything at all since 2013.
      In the 20 years since Bill finished being president the republicans have controlled 2/3 of your government most of time and changed exactly nothing about China's trade status.
      Stop pretending to yourself this is some sort of democrat plot, or that the Clintons have any power.
  • There are very few manufacturers who are trustworthy enough to be granted an exception to that rule. A router works with OpenWRT or it might just as well not exist.
  • by PPH ( 736903 ) on Monday November 23, 2020 @03:27PM (#60758446)

    Anyone know if OpenWRT supports these routers? At these prices, I might pick one up and overwrite the Chinese firmware.

    • Don't forget, your dsl modem is also a vulnerability.

      • by PPH ( 736903 )

        dsl modem

        DSL. How quaint. At any rate, the ONT is on the wrong side of a firewall.

        • Making it a vulnerability you can't control. Thanks for your insightful contribution. /s

          • by PPH ( 736903 )

            Making it a vulnerability you can't control.

            The entire Internet beyond a firewall is full of vulnerabilities we can't control. Deal with it.

  • I would be shocked if there weren't any back doors in Chinese made routers. Also, I'm sure American made equipment has back doors that the NSA is aware of.
  • I bought a cheap wireless mouse of their store brand. It frequently froze for several seconds for no reason I could tell. It is sitting on a bookshelf now unused. I went to a computer store and paid about the same for a wired gaming mouse that works.

  • by bloodhawk ( 813939 ) on Monday November 23, 2020 @03:50PM (#60758540)
    Not to downplay the seriousness of this but how the fuck do they get control of any device connected. I am 99.9% sure if I connect to a compromised endpoint you aren't going to gain control of my device unless I also do something stupid or have a vulnerability in the device I am using.
    • by MobyDisk ( 75490 )

      unless I also do something stupid or have a vulnerability in the device I am using.

      Those do not sound like particularly high bars, especially considering we are talking about average consumers who bought a Chinese router.

    • by kenh ( 9056 )

      Agreed. A back door in a router doesn't suddenly breach security on every connected device.

  • Why the quotes? It can be affordable AND allow the Chinese state to surveil your activities. Those goals are independent.

  • by Anonymous Coward
    Can't wait to see what backdoors Apple routers and WiFi devices have, since they are made in China afterall. Would love to see Apple have to fix them after abandoning all of their customers.
    • Indeed. For a company that loves vertical integration, it was kind of a WTF moment when they announced EOL for their AirPort routers.

    • They did update the routers, even the old N only ones, when a problem was found, about a year ago....
  • It happened since web-marketplaces exists..
  • Pick one. I currently have a OpenWrt router. i will probably go back to the PFSense router soon. Why would you think any closed source lightweight walmart router would be secure?
  • When it comes to tech, never trust anything that is 'given' to you by a business. You are either customer or the product. Sometimes you are both.
  • Yeah breaking news, but it's just disgusting and is an important argument that you need to have full access on a device.

    And btw. "exclusive", what a joke, more true: "exclusive plastic outer shell and images for the webinterface".

Like punning, programming is a play on words.

Working...