Don’t you just love some of the stuff that comes out of the upcoming Black Hat conference? I can understand pointing out issues with web security — particularly at the enterprise level — but announcing a hack to break into home routers in wide use, and here’s the especially bad part, releasing a tool to automate the hack so the usual gang of fools and script kiddies don’t even have to work at it. I think we all know who/what the real tool is here.
From the link:
An engineer from security firm Seismic claims he will soon release instructions on how to hack millions of wireless routers commonly used in residential Internet connections. The how-to hack instructions are part of what has become an annual chest-beating by speakers at the Black Hat security conference that hype their keynotes with end-of-PC-security-as-we-know-it promises.
Ars Technica reports that the presentation, entitled “How to Hack Millions of Routers” (not mincing any words there, are they?), will be given at Black Hat by Senior Security Engineer for Seismic Craig Heffner. Heffner’s presentation will include a live demonstration on how to “pop a remote root shell on Verizon (VZ) FIOS routers” as well as a tool release that will automate the described attack.
Seismic has tested around 30 routers so far, and has found that approximately half of them are vulnerable to this attack. The list of vulnerable routers includes routers from Linksys, Belkin, ActionTec, ASUS, Thompson, and Dell (DELL).