A security flaw has been discovered in a brace of Virgin Media wireless routers that allowed unauthorised administrative-level access the home hubs.
Discovered by Context Information Security through reverse engineering the software on the Virgin Media Super Hub 2 and Super Hub 2AC wireless routers, a flaw in the backup feature of the devices allowed hackers to download the router configurations, such as dynamic DNS and port forwarding settings.
Though such backups are encrypted, the encryption key is the same for all of the routers, meaning hackers with administrative access to the vulnerable routers could get access to the backups information, add their own instructions to it then restore the backup to the hub, thereby compromising it.
Hackers with this access could gain remote access to the targeted hub and monitor all network traffic to and from the device.
The cyber security firm notified Virgin Media of the flaw, and the telecoms company rapidly pushed out a patch to plug the security hole.
“Virgin Media has deployed a firmware patch to our SuperHub 2 and 2AC routers that addresses this issue,” a Virgin Media spokesperson told Silicon.
“We take the security of our customers very seriously and experts within our organisation often work with trusted third-parties to help keep our customers as secure as possible. We thank Context for their professionalism and cooperation.”
Netgear is the provider of routers to Virgin Media, so it would appear that the flaw originated from it rather than a a problem introduced by Virgin Media.
“[Internet Service Providers] will always be at the mercy of their hardware suppliers to some extent,” said Jan Mitchell, a senior researcher at Context. “Recent press coverage of attacks such as the Mirai worm highlights the importance to vendors of carrying out independent security testing of their products to reduce the likelihood of exploitation in production devices. Thankfully, Virgin Media was quick to respond to Context’s findings and start the remediation process.”
So far there have been no reports of the routers being hijacked by hackers out in the wild, so it would appear Virgin Media’s rapid response helped it dodge a nasty cyber security bullet.
TalkTalk has not been so lucky with its routers, as most of the Mirai botnet in the UK consist of routers from TalkTalk.
Are you a security pro? Try our quiz!
After US Supreme Court last week removed women's reproduction rights, Google tells staff they can…
Victory for irate neighbours? Airbnb confirms its temporary Covid ban on parties in its listings…