Jump to content

Walmart-exclusive Router and Others Sold on Amazon and eBay Contain Hidden Backdoors To Control Devices


Recommended Posts

securitybreach
Posted
Quote

Bernard Meyer, reporting for CyberNews:In a collaboration between CyberNews Sr. Information Security Researcher Mantas Sasnauskas and researchers James Clee and Roni Carta, suspicious backdoors have been discovered in a Chinese-made Jetstream router, sold exclusively at Walmart as their new line of "affordable" wifi routers. This backdoor would allow an attacker the ability to remotely control not only the routers, but also any devices connected to that network. CyberNews reached out to Walmart for comment and to understand whether they were aware of the Jetstream backdoor, and what they plan to do to protect their customers. After we sent information about the affected Jetstream device, a Walmart spokesperson informed CyberNews: "Thank you for bringing this to our attention. We are looking into the issue to learn more. The item in question is currently out of stock and we do not have plans to replenish it."

Besides the Walmart-exclusive Jetstream router, the cybersecurity research team also discovered that low-cost Wavlink routers, normally sold on Amazon or eBay, have similar backdoors. The Wavlink routers also contain a script that lists nearby wifi and has the capability to connect to those networks. We have also found evidence that these backdoors are being actively exploited, and there's been an attempt to add the devices to a Mirai botnet. Mirai is malware that infects devices connected to a network, turns them into remotely controlled bots as part of a botnet, and uses them in large-scale attacks. The most famous of these is the 2016 Dyn DNS cyberattack, which brought down major websites like Reddit, Netflix, CNN, GitHub, Twitter, Airbnb and more.

 

https://tech.slashdot.org/story/20/11/23/1926237/walmart-exclusive-router-and-others-sold-on-amazon-and-ebay-contain-hidden-backdoors-to-control-devices

  • Like 2
Posted

Pretty hard to get any network gear that isn't made in China these days. Maybe some stuff is designed in North America.

  • Like 1
  • Agree 1
  • +1 1
securitybreach
Posted

Very true :thumbsup:

 

I just make sure to get name brand things from established companies. BTW our government spies as well ;) 

  • Agree 1
  • +1 1
V.T. Eric Layton
Posted
28 minutes ago, securitybreach said:

BTW our government spies as well ;) 

 

That it does... along with #Big_Tech sucking data to enrich themselves and their customers.

  • Agree 1
  • +1 1
Posted

I used D-Link (Taiwan) for years then my ISP's gateway - Hitron (Taiwan). Now I have Linksys (US) bought by Cisco (US) then by Belkin (US) then by Foxconn (Taiwan.) Does this mean anything? Probably not.

In addition I have had Motorola modems (US) now owned by Arris (US.) My ISP has an Internet TV offering that also uses Arris modems. It's all too much for my little mind to comprehend.

  • Agree 1
securitybreach
Posted

Yeah, everything is manufactured in China

Posted

I read today that some companies like Foxconn, Pegatron and Compal are planning to move production (mostly Apple stuff) out of China. So things might be changing a bit.

  • Like 2
V.T. Eric Layton
Posted
On 11/24/2020 at 12:05 PM, securitybreach said:

Yeah, everything is manufactured in China

 

Or, BY Chinese owned companies somewhere in the Far East.

  • Agree 2
Posted

My router had a firmware update available dated 1029. makes me think that they knew about things before publication.

Oddly, the firmware was applied without the router losing it's functionality.

 

  • Agree 1

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...