Flash Attack Could Turn Routers Into Zombies

Experts say online criminals could exploit UPnP to hijack routers
By Rob Quinn,  Newser Staff
Posted Jan 16, 2008 1:11 PM CST
Flash Attack Could Turn Routers Into Zombies
Researchers say 99% of home routers are vulnerable to attackers using Flash and UPnP to hijack their routers. They recommend disabling UPnP, although this could make it difficult for non-technical users to use many applications.   (KRT Photos)

Security experts have demonstrated how attackers could use Flash software and the Universal Plug and Play (UPnP) protocol to hijack their home routers, reports PC World. Users exposed to a malicious Flash file could have the servers they're trying to reach changed remotely and secretly, meaning a fraudster could redirect the user to phony bank or e-commerce websites even if they typed the right address into their browser.

If you're not a computer whiz, turning off UPnP on your router will make it difficult to use applications like instant messaging and Skype, but the experts said the extra security could be worth it if it can prevent routers being turned into "zombies." One expert disagreed, however, pointing out that criminals haven't even started using this kind of attack. (More Flash stories.)

Get the news faster.
Tap to install our app.
X
Install the Newser News app
in two easy steps:
1. Tap in your navigation bar.
2. Tap to Add to Home Screen.

X