BT Broadband users can be hacked!

James Galvin posted a couple of weeks ago about a recently published exploit which made hacking Eircom’s wireless routers trivial.

As Eircom are the largest provider of residential broadband in Ireland, this is potentially a big deal. As Joe Drumgoole commented at the time:

they have inadvertently created Ireland’s largest free WIFI network. Good man Eircom!

However, BT is now facing an even more serious issue on its wireless routers according to an article in the Register today. At least in Eircom’s case, the vulnerability only exposed the WEP key, allowing use of the wifi on the router.

In the case of the BT router, the Reg is reporting that

a remote attacker can quietly gain full administrator control over a device simply by social engineering a user into visiting a website. The exploit makes it possible to steal a user’s WPA key, listen in on VoIP calls, steal VoIP credentials or change DNS settings so users are silently redirected to fraudulent websites

This is a far more serious issue than the Eircom one, and the number of routers affected is likely to be orders of magnitude greater.

The one saving grace is that the hack hasn’t been published in the wild, as was the case with Eircom. Yet.

3 Responses to “BT Broadband users can be hacked!”


  1. Donncha O Caoimh

    That’s a bit nasty. I have a BT account but the router they sent me is a Zyxel model, not one of the ones mentioned in that article. Could be they’re only UK subscriptions?

  2. John Ward

    Tom,
    That is not more serious. The eircom routers come by default without an administrator password.

    If an eircom customer hasn’t changed the default wep key, it is unlikely they have or know how to access their router administration panel to change its password.

    Once you’re on an eircom network due to the WEP issue chances are you have full control.

    John

  3. Ben

    The amount of people that don’t put a password on their wireless router really astounds me.
