If you rely on BT for high-speed internet or VoIP, there's a good chance a pair of UK-based researchers know how to enable a backdoor in your router that leaves you wide open to eavesdropping, caller spoofing and other nasty attacks.
The vulnerability resides in the BT Home Hub, one of the UK's most popular home routers, according to Adrian Pastor and Petko D. Petkov. A constellation of bugs in the router, which is made by Thomson/Alcatel, make it possible to bypass the device's password authentication system and gain complete administrative control. All an attacker needs to do to exploit the weaknesses is lure the victim to a maliciously crafted website, according to this post on the GNUCitizen blog. The exploit doesn't require knowledge of the administrator password.
View: The full story
News source: The Reg
8 Comments - Add comment