Virgin Media Plugs Security Flaw In A Brace Of Its Wireless Routers

A security flaw has been discovered in a brace of Virgin Media wireless routers that allowed unauthorised administrative-level access the home hubs.

Discovered by Context Information Security through reverse engineering the software on the Virgin Media Super Hub 2 and Super Hub 2AC  wireless routers, a flaw in the backup feature of the devices allowed hackers to download the router configurations, such as dynamic DNS and port forwarding settings.

Though such backups are encrypted, the encryption key is the same for all of the routers, meaning hackers with administrative access to the vulnerable routers could get access to the backups information, add their own instructions to it then restore the backup to the hub, thereby compromising it.

Hackers with this access could gain remote access to the targeted hub and monitor all network traffic to and from the device.

Hacked hubs

“The Super Hub represents the default home router offering from one of the UK’s largest ISPs and is therefore present in millions of UK households, making it a prime target for attackers. While ISP-provided routers like this are generally subject to more security testing than a typical off-the-shelf home router, our research shows that a determined attacker can find flaws such as this using inexpensive equipment,” said Andy Monaghan, a principal security researcher at Context.

The cyber security firm notified Virgin Media of the flaw, and the telecoms company rapidly pushed out a patch to plug the security hole.

“Virgin Media has deployed a firmware patch to our SuperHub 2 and 2AC routers that addresses this issue,” a Virgin Media spokesperson told Silicon.

“We take the security of our customers very seriously and experts within our organisation often work with trusted third-parties to help keep our customers as secure as possible. We thank Context for their professionalism and cooperation.”

Router of all evil

Netgear is the provider of routers to Virgin Media, so it would appear that the flaw originated from it rather than a a problem introduced by Virgin Media.

“[Internet Service Providers] will always be at the mercy of their hardware suppliers to some extent,” said Jan Mitchell, a senior researcher at Context. “Recent press coverage of attacks such as the Mirai worm highlights the importance to vendors of carrying out independent security testing of their products to reduce the likelihood of exploitation in production devices. Thankfully, Virgin Media was quick to respond to Context’s findings and start the remediation process.”

So far there have been no reports of the routers being hijacked by hackers out in the wild, so it would appear Virgin Media’s rapid response helped it dodge a nasty cyber security bullet.

TalkTalk has not been so lucky with its routers, as most of the Mirai botnet in the UK consist of routers from TalkTalk.

Are you a security pro? Try our quiz!

Roland Moore-Colyer

As News Editor of Silicon UK, Roland keeps a keen eye on the daily tech news coverage for the site, while also focusing on stories around cyber security, public sector IT, innovation, AI, and gadgets.

View Comments

  • Virgin Media has been replacing the 2 and 2AC hubs with the new Hub 3.0 which has a firmware issue as yet unresolved after 18 months by Arris.

Recent Posts

Brazil Unfreezes Starlink, X Bank Accounts After Funds Transfer

Judge orders X, Starlink bank accounts unfrozen after $3.3m transfer pays off fines imposed on…

16 hours ago

Uber To Offer Waymo Robotaxi Rides In Austin, Atlanta

Uber expands deal with Waymo from Phoenix to Austin, Texas and Atlanta as it faces…

16 hours ago

GenAI Shopping: Revolutionising Retail Experiences

Discover how Generative AI is transforming the retail experience with personalised interactions, AI-powered search, and…

17 hours ago

US House Passes Bill Targeting Chinese EV Battery Tech

US House of Representatives passes bill restricting tax credits for electric vehicles using battery technology…

17 hours ago

NASA Mission To Jupiter’s Europa Gets Go-Ahead

NASA to launch 'Europa Clipper' mission to Jupiter's moon Europa next month as it seeks…

17 hours ago

Police Arrest Youth Over London Transport Hack

National Crime Agency arrests 17-year-old in Walsall over hack of Transport for London that compromised…

18 hours ago