Possible to hack, or malware to take over a home use router?

Hi,

I've been wondering for a long time, given all the malware out there - are instances of ne'er-do-well's hacking into or taking over a modem - router common? For examle - re flashing or taking over the writable chips on routers or manipulating the router firewall settings to gain access to a home LAN? Routers with built in firewalls are supposed to protect home networks - but, what can I do to protect my router?!?

I'm just wondering how secure these home use routers are - my DSL router was supplied by my ISP. It's made by 2wire company, maybe 2 years old. Are these devices very secure?

 

Yes, they are secure but they are not a cure all to protect your home network - they are but a single but significant layer of defense and I recommend everyone with broadband use a router, even if only using a single computer.

At the very least, you should change the default passwords on the router as they are common knowledge. And each computer should have a software based firewall too, current anti-malware software running full time, and a disciplined user who avoids risky practices.

 

Thanks Digerati,

I was reading that there is a new BIOS malware out, that was just announced last month, which infects the BIOS chips on motherboards and even a clean wipe of the hard drive can't get rid of it, because once the drive is re formatted, the bios chip just replicates itself on the clean hard drive. Scary. So I guess it's only a matter of time when hackers figure out how to hack into routers and or write malware for routers.

It's very sad folks have to spend so much time and money protecting themselves from on line criminals.

 

They already know how - a determined hacker can get past your router as easily as a determined cat-burglar can defeat most home security systems, or car thief steals cars. Your goal is to keep the wannabe hackers, opportunists, and nosy neighbors out, then avoid bringing attention to yourself (a big concern with wireless networks).

Understand that for a BIOS virus to be effective, it must get past all your other defenses to gain administrative rights to rewrite the BIOS. Not an easy task on a computer kept updated, patched, scanned and blocked, and each user avoids risky behavior, such as illegal filesharing of copyrighted materials on P2P sites.

 

To add a little to what Digerati said, you should disable remote access on your router, so only a computer directly plugged in can change your router settings. And if it is wireless, secure that end as well. A router is just a computer that runs an IOS instead of an OS, so it can be messed with.

But like most thieves, hackers pick easy targets. They won't spend a whole lot of time trying to break into a secured network unless there is a lot for them to gain from it. Unless you just run across some bored crazy one.

 

The next logical question would then be, since it's possible to hack and install malware onto a router, is it also possible to run malware scans to check if a router is infected with malware, and remove malware, in a similar way that the malware forum experts help folks scan and remove malware from PC's?

 

Yes it is possible, but as far as I know no one has created a program to scan home routers, as there is no market for such a program. Commercial routers, maybe, but not home ones. The other side of this is that it is probably a lot easier to flash a router with the original settings than it is to hunt for malware and remove it.

 

Now wait! You are talking extreme, highly unlikely events. For a badguy to install malware on a router, he must FIRST compromise a host computer. If a badguy has gotten to your router, you have bigger issues to deal with first.

It IS possible someone can rob all the gold from Ft Knox too, but that does not mean the next logical step is to build a better fort. You make sure all the exits are well protected. Change the router's defaults. Limit access to connected PCs, use highest encryption for wireless (if you can't avoid using wireless), and keep your computers updated, scanned, patched, and blocked. And MOST importantly, stay aways from sites badguys wallow in - that is illegal porn, gambling, most importantly, P2P sites that allow illegal filesharing of copyrighted materials - songs, video, and published writings.

 

If you really think that has happened, you could flash your firmware. This is the equivalent to formatting a PC and installing the OS. You do run the risk of a bad flash. Depending on the router, that can be recovered from, or you might have a brick. You could also just replace the router.

But I really think, like Digerati said, change the defaults, set it up so only connected computers can access the IOS.