Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researchers Say Wi-Fi Virus Outbreak Possible

Posted by Zonk on from the batten-down-the-hatches dept.

alphadogg writes with a link to a NetworkWorld article about a troubling security scenario. Indiana University IT researchers are now saying that a WiFi attack intended to piggyback across unsecured access points could do serious damage in a city like Chicago or New York. By essentially brute-forcing the passwords on insecure routers, a worm-like firmware agent could be introduced to an estimated 20,000 networks in New York City alone. "Although the researchers did not develop any attack code that would be used to carry out this infection, they believe it would be possible to write code that guessed default passwords by first entering the default administrative passwords that shipped with the router, and then by trying a list of one million commonly used passwords, one after the other. They believe that 36% of passwords can be guessed using this technique."

5 of 165 comments (clear)

  1. They'll never get me! by morgan_greywolf · · Score: 4, Funny

    Ha! They'll never guess my router admin password, which is '5l@$hd0t.!st.ps0t!'

    --
    My blog
  2. troubling security scenario? by Facetious · · Score: 4, Insightful

    Holy crap! Maybe we should deal with existing security problems before we start with the imaginary ones.

    --
    Let us not become the evil that we deplore.
  3. Varying router models and revisions by Dan+East · · Score: 5, Insightful

    How many router models and hardware revisions would the worm need to support to make this effective? It would take a great deal of resources to produce custom firmware for that many devices and hardware revisions, especially considering that people have been trying to produce custom firmware for specific devices for a long time without any success at all.

    On another note, configuring the router for administrative access only via ethernet would completely stop the problem.

    Dan East

    --
    Better known as 318230.
  4. Re:1 million passwords? by crow · · Score: 4, Insightful

    They don't need to hold the dictionary. Anything that doesn't fit can be downloaded on demand. Most access points have access to the Internet, and residential access points are almost always outside of any firewall (they're usually the firewall themselves).

  5. Church of Wifi already did this by CounterZer0 · · Score: 4, Informative

    Church of Wifi has a hacked firmware-based worm that runs around and replaces firmware on APs, and then looks for other AP's to attack, and propagates itself.
    The key to this kind of attack, is that it could be potentially undetectable - how do you know if the linksys firmware was replaced or slightly modified or not?
    Another great use, would be to drop TOR endpoints on every single box infected :)