A security flaw has been discovered in a brace of Virgin Media wireless routers that allowed unauthorised administrative-level access the home hubs.
Discovered by Context Information Security through reverse engineering the software on the Virgin Media Super Hub 2 and Super Hub 2AC wireless routers, a flaw in the backup feature of the devices allowed hackers to download the router configurations, such as dynamic DNS and port forwarding settings.
Though such backups are encrypted, the encryption key is the same for all of the routers, meaning hackers with administrative access to the vulnerable routers could get access to the backups information, add their own instructions to it then restore the backup to the hub, thereby compromising it.
Hackers with this access could gain remote access to the targeted hub and monitor all network traffic to and from the device.
The cyber security firm notified Virgin Media of the flaw, and the telecoms company rapidly pushed out a patch to plug the security hole.
“Virgin Media has deployed a firmware patch to our SuperHub 2 and 2AC routers that addresses this issue,” a Virgin Media spokesperson told Silicon.
“We take the security of our customers very seriously and experts within our organisation often work with trusted third-parties to help keep our customers as secure as possible. We thank Context for their professionalism and cooperation.”
Netgear is the provider of routers to Virgin Media, so it would appear that the flaw originated from it rather than a a problem introduced by Virgin Media.
“[Internet Service Providers] will always be at the mercy of their hardware suppliers to some extent,” said Jan Mitchell, a senior researcher at Context. “Recent press coverage of attacks such as the Mirai worm highlights the importance to vendors of carrying out independent security testing of their products to reduce the likelihood of exploitation in production devices. Thankfully, Virgin Media was quick to respond to Context’s findings and start the remediation process.”
So far there have been no reports of the routers being hijacked by hackers out in the wild, so it would appear Virgin Media’s rapid response helped it dodge a nasty cyber security bullet.
TalkTalk has not been so lucky with its routers, as most of the Mirai botnet in the UK consist of routers from TalkTalk.
Are you a security pro? Try our quiz!
Judge orders X, Starlink bank accounts unfrozen after $3.3m transfer pays off fines imposed on…
Uber expands deal with Waymo from Phoenix to Austin, Texas and Atlanta as it faces…
Discover how Generative AI is transforming the retail experience with personalised interactions, AI-powered search, and…
US House of Representatives passes bill restricting tax credits for electric vehicles using battery technology…
NASA to launch 'Europa Clipper' mission to Jupiter's moon Europa next month as it seeks…
National Crime Agency arrests 17-year-old in Walsall over hack of Transport for London that compromised…
View Comments
Virgin Media has been replacing the 2 and 2AC hubs with the new Hub 3.0 which has a firmware issue as yet unresolved after 18 months by Arris.