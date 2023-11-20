from the fire-marshals-required-us-to-have-back-doors dept.
Walmart-exclusive router and others sold on Amazon & eBay contain hidden backdoors to control devices
In a collaboration between CyberNews Sr. Information Security Researcher Mantas Sasnauskas and researchers James Clee and Roni Carta, suspicious backdoors have been discovered in a Chinese-made Jetstream router, sold exclusively at Walmart as their new line of "affordable" wifi routers. This backdoor would allow an attacker the ability to remotely control not only the routers, but also any devices connected to that network.
[...] After we sent information about the affected Jetstream device, a Walmart spokesperson informed CyberNews: "Thank you for bringing this to our attention. We are looking into the issue to learn more. The item in question is currently out of stock and we do not have plans to replenish it."
Watch the video below[*] to hear directly from Sasnauskas, Clee and Carta about how they discovered the backdoors and what it means for everyday consumers.
Besides the Walmart-exclusive Jetstream router, the cybersecurity research team also discovered that low-cost Wavlink routers, normally sold on Amazon or eBay, have similar backdoors. The Wavlink routers also contain a script that lists nearby wifi and has the capability to connect to those networks.
We have also found evidence that these backdoors are being actively exploited, and there's been an attempt to add the devices to a Mirai botnet. Mirai is malware that infects devices connected to a network, turns them into remotely controlled bots as part of a botnet, and uses them in large-scale attacks. The most famous of these is the 2016 Dyn DNS cyberattack, which brought down major websites like Reddit, Netflix, CNN, GitHub, Twitter, Airbnb and more.
In starting the research, Clee originally wanted to see what kind of security low-cost Chinese devices like Wavlink had: "I was interested in seeing how much effort companies were putting into security. I decided it would be a great hobby to buy cheap Chinese technology off of Amazon and see what I could find out." He then got in contact with Carta and Sasnauskas at CyberNews.
"After talking to James about his discovery," Carta told CyberNews, "I immediately tried to look for other companies using the same firmware, and found that Jetstream's devices are also vulnerable. The research was interesting to understand where the vulnerability came from, and how a malicious actor could fully exploit it."
(Score: 2) by Booga1 on Tuesday November 24, @04:59AM
As usual the answer to the amount of effort companies put into security is "as little as possible." Targeting cheap Chinese tech is low hanging fruit. Not that expensive equipment guarantees that it's bug free or immune to exploits, but the cheaper it is the less money they have to put into security.
It sure would be nice to see that "invisible hand of the market" smack these companies around a bit, but apparently they're already sold out. They won the race to the bottom already. Besides, any cheap router company that gets a serious judgement against them will fold and re-open the next day under a new name.
(Score: 2) by krishnoid on Tuesday November 24, @05:32AM
I'd think you'd at the minimum want to plunk down the cash to buy a router/firewall that provides a strong perimeter and outbound telemetry filtering. If you can't at least trust your perimeter, what's to prevent (to extend the metaphor) opportunistic wildlife from insect to rodent from trying to find a way in? It doesn't have to protect against the equivalent of a militarized police team.
I guess most people just connect to the Wi-Fi provided by their ISP's cable/fiber modem and leave it at that. Or use the data plan on their phones.
(Score: 2) by Frosty Piss on Tuesday November 24, @05:54AM
I’m absolutely flabbergasted that the cheapest bottom of the barrel Chinese routers are, shall we say, insecure. It’s news I really was never expecting. My faith in dirt cheap Chinese networking gear has been shaken to my core.