Home Hacking Browser Hacking Less Secure ISP Gateways Can Allow Hackers to Spy on Your Online...

Less Secure ISP Gateways Can Allow Hackers to Spy on Your Online Activities

Less Secure ISP Gateways Can Allow Hackers to Spy on Your Online Activities

Did you know that your modem could betray you to cyber thieves?  Well, a recent research shows that your internet routers are vulnerable to hacking activities.  This is classed under a different category of hack.  Known as the Cable Tap, virtual thieves can tap your wireless home networks.  This means that your ISP gateways, RDK-based wireless gateways, and even your set-top boxes are prone to the attack.

The hackers can breach through the passwords set for your home networks.  This enables them to easily spy on your online activities from any corner of the world.  You might be unaware of how your bank credentials or at times social media links get hijacked by the cyber attackers.  But your Internet Protocol (IP) address might give you away to such crimes.

At the Defcon hacking conference, researchers found out a means to break through the weak passwords of these cable connections.  Christopher Grayson (Web Sight), Logan Lamb and Mark Lewin (Bastille Networks) traced 26 susceptibilities within the ISP network.  They could remotely gain access to most of the home networks in the U.S.

The gateway to your Internet Service Provider, your modem, that provides internet access to your whole family is one famous target for the hackers.  Furthermore, TV service providers such as set-top boxes and reference design kit (RDK) based network, which you otherwise believe to be safe can be of paramount importance to the hackers.

Using these gateways, the cyber assailants can tap your voice/text activities alongside your line of thought.

“We discovered a wide array of critical vulnerabilities in ISP-provided, RDK-based wireless gateways and set-top boxes from vendors including Cisco, Arris, Technicolor, and Motorola. Our research shows that it was possible to remotely and wirelessly tap all Internet and voice traffic passing through the affected gateways, impacting millions of ISP customers,” the researchers mentioned.

The hack can be carried out in two ways, the researchers point out.  Either the FastCGI Subsytem flaws can be exploited used by Apache, Nginx, Lighttpd web servers.  Or the MAC address of the Comcast Xfinity routers can be reverse-engineered.  This could reveal the passphrase of the hidden Wi-Fi networks.  But, they were able to take control over the system without entering their personal Comcast details.

Whereas to infect the Xfinity set-top boxes, brute forcing was experimentally carried out to be successful.  Here the radio frequency (RF) pairing of Comcast’s remote voice control was decoded.

However, the RDK turned out to be the most vulnerable.  This is due to its open sourcing, which allows anybody to identify the source changes for fixes, if any.

This weak spot of Comcast was timely checked, thanks to the researchers.  The data traffic of tens of million users are now ushered safe.

“Nothing is more important than our customers’ safety, and we appreciate Bastille bringing these matters to our attention. We have made some updates to our software and systems to prevent the issues Bastille identified from impacting Comcast customers, including breaking the attack chains Bastille described in this paper,” Comcast expressed their gratitude in a statement.

Leave a Reply