Experts have warned about the risks posed by using an insecure internet router.
According to a new report, hackers can easily gain access to your internet connection by hijacking your wireless router.
Hackers are able to exploits flaws in the software of many routers that can enable them to take complete control of the device and monitor all the internet traffic that passes through it.
They can then install viruses, ransomware or other forms of malware to which could track what websites you have visited and even steal account information, passwords, credit card or online banking details.
The warning comes after cyber security experts F-Secure discovered a number of flaws in several models of Inteno home routers.
Researchers found the routers did not check that firmware updates can from a legitimate source before being installed on the device.
The means someone could gain access to the router and install their malicious software.
As well as being able to see all the web traffic of a victim, a compromised router would also give hackers access to any other ‘smart devices’ connected to it via the Internet of Things.
“By changing the firmware, the attacker can change any and all rules of the router,” said F Secure’s Janne Kauhanen in a statement.
“Watching video content you’re storing on another computer? So is the attacker. Updating another device through the router? Hopefully it’s not vulnerable like this, or they’ll own that too. Of course, HTTPS traffic is encrypted, so the attacker won’t see that as easily. But they can still redirect all your traffic to malicious sites that enable them to drop malware on your machine.”
“It’s ridiculous how insecure the devices we’re sold are – we and other security companies are finding vulnerabilities in these devices all the time.”
“The firmware used in routers and Internet of Things devices is neglected by manufacturers and their customers – by everyone except hackers, who use the vulnerabilities to hijack internet traffic, steal information and spread malware”, Kauhanen added.
F-Secure said it has told Inteno about the flaw and is advising all users to ensure their security protection is up to date in order reduce the chance of hackers exposing the flaw.
However, The Register reports that Intento has said it is not going to issue a patch for the flaw