Backdoor Account Found in D-Link DIR-620 Routers

Catalin Cimpanu, writing for BleepingComputer: Security researchers have found a backdoor account in the firmware of D-Link DIR-620 routers that allows hackers to take over any device reachable via the Internet. Discovered by Kaspersky Lab researchers, this backdoor grants an attacker access to the device's web panel, and there's no way in which device owners can disable this secret account. The only way to protect devices from getting hacked is to avoid having the router expose its admin panel on the WAN interface, and hence, reachable from anywhere on the Internet.

OpenWRT/LEDE is the only solution

[Jimbo+God+of+Unix]

This is why I will never buy or recommend any router that cannot be flashed/used with OpenWRT/LEDE.

Re:OpenWRT/LEDE is the only solution

[ArchieBunker]

Calm down man you get any more angry and that Fedora is going to fly off. Your argument died with Heartbleed. Open source that nobody looked at.

Disable WAN access you say?

[squiggleslash]

I don't know how many people actually enable WAN access to begin with. And it's off by default.

But, regardless, that's probably not the major problem. The major problem comes if your own network is compromised, say, by an IoT device. Then it potentially has a password to your router.

That seems to me to be likely a much bigger problem.

Don't by ANY router that...

[bobbied]

Cannot be flashed with third party firmware. I use OpenWRT and DD-WRT and I *refuse* to buy any consumer router that doesn't have at least a porting effort to one of these third party firmware packages.

It's not a perfect solution, but it's one heck of a lot better than just trusting the manufacturer to do the right thing and fix their security issues in a timely manner.

Re:Why would you expose the admin interface to WAN

Too complex for most people - yes
Too complex for someone who can be trusted to remotely tweak a router - no