Weak default passwords in the Super Hub 2 pose a hacker attack risk
Virgin Media has instructed 800,000 of its customers to change the passwords to their routers immediately to avoid being hacked by opportunistic cyber criminals.
Following an investigation by consumer watchdog Which?, the Internet service provider is advising all users of its Super Hub 2 routers to change their passwords as Which? found that through the use of readily available hacking tools on the Internet, the router could be cracked in a matter days.
Part of the problem with the Super Hub 2 is that is uses a weak default password a mere eight characters long using only lowercase letters.
In comparison, Virgin Media’s latest router the Super Hub 3.0, has much stronger password structures using 12 characters and a mix of numbers, upper and lowercase letters, which through the use of the same hacking tools would take 263 million years to crack; we doubt that many hackers will have that level of patience to hack a home router.
“The security of our network and of our customers is of paramount importance to us. We continually upgrade our systems and equipment to ensure that we meet all current industry standards,” a Virgin Media spokesperson said.
“To the extent that technology allows this to be done, we regularly support our customers through advice, firmware and software updates, and offer them the chance to upgrade to a Hub 3.0 which contains additional security provisions.”
Virgin Media’s older hub routers are not exactly inspiring confidence in their security capabilities as a security flaw was recently found in the Super Hub 2 and the Super Hub 2AC wireless routers.
The flaw, discovered by Context Information Security, could be used to exploit a backup feature in the brace of routers to enable hackers to download router configurations tweak them and then upload the new instructions to the router’s software to gain remote access to it.
Virgin Media is not alone with its router woes as most of the Mirai botnet in the UK consist of routers from TalkTalk.
Are you a security pro? Try our quiz!