With Shanghai's new round of broadband speed up into more and more residents, a family of several computers and mobile terminals (mobile phones, tablets) has not been a rarity, the demand for wireless network coverage has also spawned the popular home routers. But what many people do not know is that only the size of the slap router will become buried in the home of "cyber-security landmines", accidentally fell into the hacker set "trap." According to a domestic security report on the router, 30.2% of domestic routers there are loopholes in the recruitment of netizens estimated to reach tens of thousands of people.
Router is black, WiFi connection total bounce ad
Love to play mobile phone Mr. Liu recently encountered a problem, he at home with mobile phone online, mobile phone always pop up "free to watch" video advertising pictures, make him patience. But when he left home, the phone disconnected from the WiFi to 3G Internet access, the mobile phone ads will no longer appear, and after home connected to the WiFi, advertising pictures re-appear.
"It started in mid-October and lasted most of the month, never before. The first thought is his cell phone poisoning, the use of several mobile phone antivirus software, have not checked the problem. Later realized that mobile phone with 3G Internet is normal, with WiFi to play ads, so also try to restart the router, but the problem still appears. Mr. Liu later found that not only mobile phones, at home when using the computer, also often jump out of the web game ads, "think it is the player, at first did not care too much." ”
Finally, Mr. Liu helpless, only to the network security personnel to help, this only to know that his home wireless router was "black", DNS (Domain Name System) point to a location for the South Korean IP address, delete this DNS, mobile phone online restore normal.
Reason: The router management password has not been modified
Reporter learned that, Mr. Liu's router DNS settings was tampered with, because the router did not modify the default management password, the hacker used the router "weak password" vulnerability to implement the attack, in the daily Internet unknowingly in the middle of the recruit. In a network with a router "weak password" vulnerability, if a computer accesses a malicious Web page with an attack code, the router's DNS is automatically tampered with as a hacker-specified DNS. 360 security expert Dr. Shi Xiaohong said: "DNS is equivalent to the ' Navigator ' in the network, and the user enters the URL to be visited by the DNS server to assign the IP corresponding to that URL. ”
It is reported that in the last one months time received more than 100 cases of router DNS hijacked cases, of which many occurred in Shanghai. "Hackers hijack router DNS, the most important way is to make malicious Web pages, on high-traffic sites on the Trojan, or through the website Alliance ads Add malicious code, you can attack a large number of visitors in a short period of time." In addition, hackers by brute force to crack other people's WiFi password, can also achieve the intrusion router to tamper with the purpose of DNS. "" "Wireless router has two important passwords, one is the WiFi password, mainly to prevent others from rubbing the network, and the other is the router management password, mainly on the router online account, WiFi password, DNS, network device management settings. Shi Xiaohong said that many netizens did not change the router management password habits, long-term use of the router factory default weak password, to provide hackers with an opportunity.
Survey shows that 4.7% of the country's home routers have been hijacked
Recently, Security Center released a router security survey report shows that the market randomly selected 344 models of routers in the 104 are affected by the "weak password" vulnerability, the proportion of up to 30.2%, in addition to the national 4.7% of the home router DNS has been tampered with, and home routers have been with the computer, Mobile phones and listed as the three main targets of hacker attacks.
Reporters open their own wireless router settings interface, found that the use of management accounts and passwords are still the initial characters, in order to prevent the network, WiFi password almost half a year, but the management password has not been modified. Reporters randomly selected 10 netizens survey, found that although 8 of them know that the router has managed accounts and passwords, but has not changed, and another 2 people will manage passwords and WiFi password confused, let alone modified. These 10 netizens all said that do not know the router can also be "black".
According to the survey report, hackers tamper with the main purpose of the DNS is to push pornographic web pages and game ads, the proportion of 49.5%, 28% of the DNS tampering is to the e-commerce site to hijack the promotion page, in order to earn promotional commission, in addition to 22.5% of other types of hijacking, For example, the regular site of the request to hijack the visit to the phishing site or the website, the well-known site navigation replaced by the rogue promotion site, such as Web sites, such as access to online banking, shopping sites entered the correct URL, the actual opening is a fake site page, then the victim input network silver, online payment account password, will be submitted to the fishing site on the server.
Expert advice: Password settings should be as complex as possible, not remember it's okay
For home routers are "black" possibilities, experts have two suggestions: first of all, the first time to modify the router's default password, and try to use a relatively complex strong password, such as more than 10 digits, the combination of letters + numbers. Even if you forget it does not affect the daily use, in the future need to log in to the router management backend, the router can be restored by the "Reset key" factory settings. Also, turn on router MAC address filtering, turn off router SSID broadcasts, and modify the router-managed default IP address to a different LAN IP address field. You can also use network security software for detection.
In addition, the experts also called on the router manufacturers in the management background, increase the password and other risk warning options, improve the awareness of the user's attention.