Home Router Flaw Can Direct Browsers to Dangerous Sites

The knowledgeable researchers at GNUCITIZEN, a self-proclaimed "ethical hacker outfit", have revealed a rather troubling security vulnerability which could give an attacker remote control over your router. By using a combination of the UPnP technology along with a maliciously crafted Adobe Flash file, remote configuration of your router is a frightening possibility. The most common way to expose a victim to these files would be through a Web site.

Successfully exploiting this flaw would give an attacker the option to modify a large number of router settings, ranging from administrative credentials to WiFi settings. However, the scariest potential modification lies in the DNS settings. A victim's router could be set up in a way that their browser would be automatically redirected to phony sites when they attempt to visit specific URLs. This could be used as a very effective phishing tool, allowing malicious sites to pose as legitimate banking institutions, social networking services, etc. If done correctly, a victim would never know the difference and could unwittingly give up valuable personal information including their bank account and credit card numbers.

This is a very serious issue, as the large majority of home routers utilize UPnP by default. Also, since the attack relies on Flash, any browser that supports it is vulnerable. The only way to protect yourself from becoming a victim here is to disable UPnP on your router right away. Consult your specific device's manual for instructions on how to do this.