Hackers have created a new tactic involving home routers in phishing attacks. This is incredibly worrying to cybersecurity experts, as 64% of users have WiFi routers in their household, and 1 in 6 do nothing to protect them.
The attackers were hacking poorly protected routers and changing their settings. Once that was done, they could redirect users to a fake web page that displayed a message, purportedly from the World Health Organization, telling users to download an application that offers information about Covid-19. The application would then work as an info stealer and upload the stolen data to hackers’ servers.
“This attack affected almost 1,200 users who didn’t protect their home internet enough. According to our research, many users do nothing to protect their smart devices, so the situation might repeat itself in the future if users’ habits don’t change,” said NordVPN cybersecurity expert Daniel Markuson.
What are the dangers of WiFi router hacking?
• Unwanted users. While this does not necessarily put users’ privacy in danger, it could be rather annoying for many people and reduce the connection speed when somebody unwanted uses the network. It becomes even more worrying if the unwanted users decide to do something illegal, like shopping on the dark web or streaming pirated content.
• Spying on internet traffic. A WiFi router usually provides an internet connection to all the smart devices in a household, including phones, laptops, smart TVs, and speakers. So, if a router gets hacked, it gives access to all the traffic on the user’s network from any device connected to it, and an attacker can see everything you are doing online (from shopping to entering your bank credentials).
• Taking control of the user’s internet activity. In a man-in-the-middle attack, a cybercriminal places their device between a victim’s device and the WiFi router. This allows hackers to secretly control users’ traffic, potentially redirecting them to a malicious site that fools users into entering their credentials or banking details.
• Redirecting to malicious and phishing websites. To redirect a user, attackers can perform DNS hijacking. It is a type of cyber attack when the router settings are changed to redirect users to websites that trick them into giving away personal information or malicious websites that download malware onto their device.
What can be done to protect home WiFi networks?
“When it comes to hacking computers or phones, the dangers seem to be clear to most users. However, WiFi routers don’t store any information, so users pay little attention to protecting them. And that is why they become targets for hackers more and more often,” Markuson said.
The least you can do to protect your home router is to change your default router password. To have an effective and complex password, it needs to follow the below suggestions:
Password must not contain the user’s account name or more than two consecutive characters from the user’s full name.
Password must not contain anything personal such as pet’s name, kid’s name, name of the seasons
Password must be 8-15 or more characters long. The longer the password, the more secure.
Password must contain characters from three of the following categories:
Uppercase characters A-Z (Latin alphabet)
Lowercase characters a-z (Latin alphabet)
Special characters (!, $, #, %, etc.)
After improving the password, you can turn off SSID (WiFi network name) broadcasts. If you hide your SSID, the name of your home WiFi won’t appear in the list when someone tries to connect. Instead, they’ll have to manually connect by typing in your home WiFi name and password. This way, a potential intruder will have to know the exact name of your home WiFi as well as the password.
Lastly, install a VPN on your router, Markuson advised. A VPN will encrypt the traffic on every device connected to your home WiFi. It scrambles all your online data, rendering it complete gibberish to hackers trying to intercept your network.
Sources: NordVPN, Daniel Markuson, BusinessTech