Of all the various malware attack vectors, hacking a person’s router is one of the most effective. A new report from Ara Labs highlights how router attacks have evolved in recent years, and details a new method of serving unwanted advertising via intercepted Google Analytics information.
When evil routers attack
The reason routers are tempting targets for botnet builders and NSA agents alike is because they typically function as the gateway to an entire local network. Consumers tend to forget that the router is, itself, vulnerable. It’s not at all unusual for a router to serve its entire operating lifetime running default firmware and using the stock admin/admin name and password.
Once an attacker has gained access to a local router, they can tamper with its configuration. The most common type of attack is known as DNS spoofing or cache poisoning.