Entropy

Most broadband users have a router sitting between their network and the internet and in most cases that router also acts as a firewall. What is ironic about this situation is the same hardware that you are putting in to protect you, may be the key into your network.

Here’s how it would work. The victim would visit a malicious Web page that would use JavaScript code to trick the browser into making changes on the Web-based router configuration page. The JavaScript could tell the router to let the bad guys remotely administer the device, or it could force the router to download new firmware, again putting the router under the hacker’s control.[read more]

It is advised and generally a good idea for you to change the default password on anything you buy. Bandwidth theft is something that picked up speed a while back in South Africa with users scanning the ISP’s IP range and just trying default usernames and passwords on routers. Once in, you could easily extract the victims account details and piggy back off of them costing you nothing… unless you get caught.

Related articles

• Researcher creates malicious, router-controlling website [via Zemanta]
• Web page can take over your router [via Zemanta]