A major exploit in Linksys WiFi routers has been reported. Security researcher Troy Mursch has said that 33 models of Linksys routers have serious vulnerabilities that expose users’ connection histories.
According to recent reports, tens of thousands of Linksys routers are currently vulnerable — and who knows how many have been exposed in the past. Troy Mursch, noted security researcher, has concluded that 33 models of Linksys routers have an exploit where one’s connection history can be easily accessed.
The exploit means that the device’s entire connection history can be viewed by an outside party. The exposed information includes MAC addresses, device names, and the version of one’s operating system, and whether or not a password has been recently changed. Out of the 25,000 routers currently vulnerable, around 4,000 still are using their default password.
The way to access this information, according to Mursch, is quite simple. All the attacker needs to do is visit the exposed router’s internet address and run a ‘device list’ request. The exploit works whether or not one has a firewall.
Linksys Flaw: Juicy Information for Hackers
Connection histories can tell more than you might believe. For example, these histories can indicate to hackers which networks are most vulnerable or which have not been updated. For example, locations can easily be discovered through this exploit along with information on whether or not a victim is running outdated software.
The fact that hackers can easily discover if a password change occurred recently is especially worrying. This makes Linksys routers the perfect targets for botnets and other internet crimes.
According to Mursch, there is no guarantee that Linksys routers are currently safe so it’s best to just stay away. The company claims, however, that the flaw can’t be replicated any further but Mursch disagrees.
It’s no secret that our current internet infrastructure is vulnerable and leaves a lot to be desired.
With the growth of blockchain-based systems, perhaps we can begin to imagine an internet which is far more secure and trustworthy. The so-called ‘blockchain router,’ currently in the works by Blocknet and other companies, aims to connect this new internet infrastructure by tapping into the web of blockchain-based networks.
Ultimately, however, it’s not the fault of the router itself. Instead, it’s the fault of Linksys itself which stores this information. Routers arguably have no business storing connection history unless it is cryptographically secure. Blockchain-based systems provide us with a decentralized framework with which we can imagine such security.
One thing is for sure, however: our current internet infrastructure has many holes and is in desperate need of repair or else problems like these will continue to occur.
Do you believe blockchain technology can help secure routers? Let us know your thoughts in the comments below.
Images courtesy of Shutterstock.