viralamo

Menu
  • Technology
  • Science
  • Money
  • Culturs
  • Trending
  • Video

Subscribe To Our Website To Receive The Last Stories

Join Us Now For Free
Home
Technology
300,000 MikroTik routers are ticking security time bombs, researchers say
Technology

300,000 MikroTik routers are ticking security time bombs, researchers say

09/12/2021

300,000 MikroTik routers are ticking security time bombs, researchers say

Getty Images

As many as 300,000 routers made by Latvia-based MikroTik are vulnerable to remote attacks that can surreptitiously corral the devices into botnets that steal sensitive user data and participate in Internet-crippling DDoS attacks, researchers said.

The estimate, made by researchers at security firm Eclypsium, is based on Internet-wide scans that searched for MikroTik devices using firmware versions known to contain vulnerabilities that were discovered over the past three years. While the manufacturer has released patches, the Eclypsium research shows that a significant proportion of users has yet to install them.

“Given the challenges of updating MikroTik, there are large numbers of devices with these 2018 and 2019 vulnerabilities,” Eclypsium researchers wrote in a post. “Collectively, this gives attackers many opportunities to gain full control over very powerful devices, positioning them to be able to target devices both behind the LAN port as well as target other devices on the Internet.”

Embraced by script kiddies and nation-states alike

The concern is far from theoretical. In early 2018, researchers at security firm Kaspersky said that a powerful nation-state malware called Slingshot, which had gone undetected for six years, initially spread through MikroTik routers. The attacks downloaded malicious files from vulnerable routers by abusing a MikroTik configuration utility known as Winbox, which transferred the payloads from the device file system to a connected computer.

Advertisement

A few months later, researchers at security firm Trustwave discovered two malware campaigns against MikroTik routers after reverse engineering a CIA tool leaked in a WikiLeaks series known as Vault7.

Also in 2018, China’s Netlab 360 reported that thousands of MikroTik routers had been swept into a botnet by malware attacking a vulnerability tracked as CVE-2018-14847.

The Eclypsium researchers said that CVE-2018-14847 is one of at least three high-severity vulnerabilities that remains unpatched in the Internet-connected MikroTik devices they tracked. Combined with two other vulnerabilities located in Winbox—CVE-2019-3977 and CVE-2019-3978—Eclypsium found 300,000 vulnerable devices. Once hackers infect a device, they typically use it to launch further attacks, steal user data, or participate in distributed denial-of-service attacks.

The researchers have released a free software tool that people can use to detect if their MikroTik device is either vulnerable or infected. The company also provides other suggestions for locking down the devices. As always, the best way to secure a device is to ensure it’s running the latest firmware. It’s also important to replace default passwords with strong ones and turn off remote administration unless it’s necessary.

Source link

Share
Tweet
Pinterest
Linkedin
Stumble
Google+
Email
Prev Article
Next Article

Related Articles

Cox’s bad customer service stymies users who don’t want upload speeds cut
Cox has been making it extremely difficult or impossible for …

Cox’s bad customer service stymies users who don’t want upload speeds cut

Fast & Furious: Crossroads lives video games a quarter-mile at a time
TechCrunch ist Teil von Verizon Media. Klicken Sie auf ‘Ich …

Goldman Sachs’ new board member diversity rule misses the mark

Leave a Reply Cancel reply

Find us on Facebook

Related Posts

  • GamesBeat Decides 158: Fall Guys, Nintendo financials, and Suicide Squad
    GamesBeat Decides 158: Fall Guys, Nintendo financials, …
    07/08/2020
  • Hackers are exploiting a backdoor built into Zyxel devices. Are you patched?
    Hackers are exploiting a backdoor built into …
    04/01/2021
  • Nikki Haley lost her password, so she sent confidential info over unclassified system
    Nikki Haley lost her password, so she …
    23/11/2019
  • Verizon’s new 5G coverage maps show just how sparse the network is
    Verizon’s new 5G coverage maps show just …
    23/11/2019
  • In public cloud, what worked at 1PB won’t work at 100PB
    In public cloud, what worked at 1PB …
    25/01/2020

Popular Posts

  • 10 Unusual Tombs from Around the World …
    26/06/2022 0
  • 10 Eerie Real-Life Paranormal Encounters to Creep …
    29/05/2022 0
  • The mystery of China’s sudden warnings about US hackers
    The mystery of China’s sudden warnings about …
    29/05/2022 0
  • 10 Huge Problems Animals Should Have But …
    30/05/2022 0
  • 10 U.S. Towns with Terrifying Local Legends …
    30/05/2022 0

viralamo

Pages

  • Contact Us
  • Privacy Policy
Copyright © 2022 viralamo
Theme by MyThemeShop.com

Ad Blocker Detected

Our website is made possible by displaying online advertisements to our visitors. Please consider supporting us by disabling your ad blocker.

Refresh