Virgin Media Plugs Security Flaw In A Brace Of Its Wireless Routers

A security flaw has been discovered in a brace of Virgin Media wireless routers that allowed unauthorised administrative-level access the home hubs.

Discovered by Context Information Security through reverse engineering the software on the Virgin Media Super Hub 2 and Super Hub 2AC  wireless routers, a flaw in the backup feature of the devices allowed hackers to download the router configurations, such as dynamic DNS and port forwarding settings.

Though such backups are encrypted, the encryption key is the same for all of the routers, meaning hackers with administrative access to the vulnerable routers could get access to the backups information, add their own instructions to it then restore the backup to the hub, thereby compromising it.

Hackers with this access could gain remote access to the targeted hub and monitor all network traffic to and from the device.

Hacked hubs

“The Super Hub represents the default home router offering from one of the UK’s largest ISPs and is therefore present in millions of UK households, making it a prime target for attackers. While ISP-provided routers like this are generally subject to more security testing than a typical off-the-shelf home router, our research shows that a determined attacker can find flaws such as this using inexpensive equipment,” said Andy Monaghan, a principal security researcher at Context.

The cyber security firm notified Virgin Media of the flaw, and the telecoms company rapidly pushed out a patch to plug the security hole.

“Virgin Media has deployed a firmware patch to our SuperHub 2 and 2AC routers that addresses this issue,” a Virgin Media spokesperson told Silicon.

“We take the security of our customers very seriously and experts within our organisation often work with trusted third-parties to help keep our customers as secure as possible. We thank Context for their professionalism and cooperation.”

Router of all evil

Netgear is the provider of routers to Virgin Media, so it would appear that the flaw originated from it rather than a a problem introduced by Virgin Media.

“[Internet Service Providers] will always be at the mercy of their hardware suppliers to some extent,” said Jan Mitchell, a senior researcher at Context. “Recent press coverage of attacks such as the Mirai worm highlights the importance to vendors of carrying out independent security testing of their products to reduce the likelihood of exploitation in production devices. Thankfully, Virgin Media was quick to respond to Context’s findings and start the remediation process.”

So far there have been no reports of the routers being hijacked by hackers out in the wild, so it would appear Virgin Media’s rapid response helped it dodge a nasty cyber security bullet.

TalkTalk has not been so lucky with its routers, as most of the Mirai botnet in the UK consist of routers from TalkTalk.

Are you a security pro? Try our quiz!

Roland Moore-Colyer

As News Editor of Silicon UK, Roland keeps a keen eye on the daily tech news coverage for the site, while also focusing on stories around cyber security, public sector IT, innovation, AI, and gadgets.

View Comments

  • Virgin Media has been replacing the 2 and 2AC hubs with the new Hub 3.0 which has a firmware issue as yet unresolved after 18 months by Arris.

Recent Posts

Norway Hit By DDoS Cyber Attacks From Pro Russian Group

Norwegian national security agency warns pro-Russian group has targetted private and public institutions in Norway…

16 hours ago

Google Tells Staff They Can Relocate After Roe v Wade Ending

After US Supreme Court last week removed women's reproduction rights, Google tells staff they can…

17 hours ago

Taiwan Developing Own Digital Currency – Report

Central bank of Taiwan confirms it is still working on its digital currency, but has…

18 hours ago

Tesla Cuts 200 Autopilot Jobs, Closes San Mateo Office – Report

More restructuring at Tesla with hundreds of bob losses and California office closure, where staff…

20 hours ago

US FCC Commissioner Urges Apple, Google To Remove TikTok

Fresh worry for TikTok, after FCC Commissioner writes to Apple and Google about removing the…

21 hours ago

Airbnb Permanently Bans Parties, With Few Exceptions

Victory for irate neighbours? Airbnb confirms its temporary Covid ban on parties in its listings…

21 hours ago