A group of bugs has been discovered in Linksys smart WiFi routers, and security experts say the bugs could give access to any attacker who managed to exploit them. More than 7,000 routers reportedly carry these bugs, and anyone who discovered them could have overloaded the device, forced a reboot and denied access to users, as well as changed restricted settings and leaked a lot of users’ information.
IOActive’s cyber security researchers have stated that attackers could use these flaws to build a botnet, potentially causing harm similar to the Mirai DDoS attack of last year. The company’s researchers informed Linksys of the bugs back in January, and the two companies have been working together ever since to deal with the problem.
For now, the problem remains, but the company says the final update will be posted in the coming weeks. In the meantime, it has issued a security advisory with a workaround for customers with the flawed routers.
Tao Sauvage, IOActive’s senior security consultant, authored the research along with independent researcher Antide Petit. In their analysis, conducted during the last year, they reverse-engineered the router’s firmware and ran a series of penetration tests against the exposed functions.
This method uncovered up to 10 vulnerabilities, including both low-risk and high-risk flaws, which were present in more than 20 different models. An initial search put the number of flawed devices connected to the internet at more than 7,000, all completely exposed for anyone to breach.
Most of the flawed routers, about 69% of devices, were found in the USA. The remaining 31% were spread across the world, with around 10% in Canada, 1.8% in Hong Kong, 1.5% in Chile, and 1.4% in the Netherlands. The rest were spread across Argentina, Sweden, Russia, Norway, the UK, India, China and even Australia.
Sauvage said: “A number of the security flaws we found are associated with authentication, data sanitization, privilege escalation, and information disclosure. Additionally, 11% of the active devices exposed were using default credentials, making them particularly susceptible to an attacker easily authenticating and potentially turning the routers into bots, similar to what happened in last year’s Mirai [botnet] attacks.”
Mirai was known for using unprotected IoT devices, including webcams and routers, to conduct a series of DDoS attacks.
Linksys’ application security engineer, Benjamin Samuels, has said that the two companies have been working together since the discovery of the flaws and are still trying to resolve the problem. He added that security is a very important issue with high priority, and that only a few steps could help customers secure their devices.