It's 2015 and default creds can brick SOHO routers
Remote reboot and takedown tricks detailed by security chap
A hacker has detailed a series of tricks that can silently reboot or brick routers or activate admin functions.
Many routers, including Netgear and Surfboard models, look to be affected, with most attacks requiring only that the victim's default universal credentials are still in place.
Applications security bod Joseph Giron detailed how victims could be knocked offline or routers bricked.
"The Surfboard cable modem offers little in functionality besides rebooting unless of course I wanted to be malicious and remove all settings on the cable modem and essentially turn it into a door stop until the thing can be activated again by the ISP," Giron said.
"But that would be a real dick move."
He detailed further attacks in which default and universal credentials such as admin / admin present in many new routers could allow admins to perform the work of attackers.
"It's (the routers) unauthenticated so anyone can do this provided they're on the local network," he said.
"Since the victim is the one running the script and not me, they're already on the local network."
So many routers have been found vulnerable in recent years that the DEF CON security event threw a "SOHOpelessly Broken" competition that saw 15 zero days dug up by only a handful of hackers.
Last week, Argentine and Spanish telcos were found deploying ADB Pirelli broadband routers with two dangerous security holes that exposed the internal web server.
That find paled in comparison to the discovery that an estimated 200 cheap SOHO router models, from vendors including D-Link, Edimax, Huawei, TP-Link, ZTE, and ZyXEL and used by 12 million people, were affected by the Misfortune Cookie, a critical software hole that let hackers hijack the boxes across the web.
Cisco, Netgear and Diamond router models were found vulnerable last year, following the 2012 discovery of security holes in 13 routers from the likes of Linksys and Belkin.