Jump to content

Walmart-exclusive Router and Others Sold on Amazon and eBay Contain Hidden Backdoors To Control Devices


securitybreach

Recommended Posts

securitybreach
Quote

Bernard Meyer, reporting for CyberNews:In a collaboration between CyberNews Sr. Information Security Researcher Mantas Sasnauskas and researchers James Clee and Roni Carta, suspicious backdoors have been discovered in a Chinese-made Jetstream router, sold exclusively at Walmart as their new line of "affordable" wifi routers. This backdoor would allow an attacker the ability to remotely control not only the routers, but also any devices connected to that network. CyberNews reached out to Walmart for comment and to understand whether they were aware of the Jetstream backdoor, and what they plan to do to protect their customers. After we sent information about the affected Jetstream device, a Walmart spokesperson informed CyberNews: "Thank you for bringing this to our attention. We are looking into the issue to learn more. The item in question is currently out of stock and we do not have plans to replenish it."

Besides the Walmart-exclusive Jetstream router, the cybersecurity research team also discovered that low-cost Wavlink routers, normally sold on Amazon or eBay, have similar backdoors. The Wavlink routers also contain a script that lists nearby wifi and has the capability to connect to those networks. We have also found evidence that these backdoors are being actively exploited, and there's been an attempt to add the devices to a Mirai botnet. Mirai is malware that infects devices connected to a network, turns them into remotely controlled bots as part of a botnet, and uses them in large-scale attacks. The most famous of these is the 2016 Dyn DNS cyberattack, which brought down major websites like Reddit, Netflix, CNN, GitHub, Twitter, Airbnb and more.

 

https://tech.slashdot.org/story/20/11/23/1926237/walmart-exclusive-router-and-others-sold-on-amazon-and-ebay-contain-hidden-backdoors-to-control-devices

  • Like 2
Link to post
Share on other sites
securitybreach

Very true :thumbsup:

 

I just make sure to get name brand things from established companies. BTW our government spies as well ;) 

  • Agree 1
  • +1 1
Link to post
Share on other sites
V.T. Eric Layton
28 minutes ago, securitybreach said:

BTW our government spies as well ;) 

 

That it does... along with #Big_Tech sucking data to enrich themselves and their customers.

  • Agree 1
  • +1 1
Link to post
Share on other sites
raymac46

I used D-Link (Taiwan) for years then my ISP's gateway - Hitron (Taiwan). Now I have Linksys (US) bought by Cisco (US) then by Belkin (US) then by Foxconn (Taiwan.) Does this mean anything? Probably not.

In addition I have had Motorola modems (US) now owned by Arris (US.) My ISP has an Internet TV offering that also uses Arris modems. It's all too much for my little mind to comprehend.

  • Agree 1
Link to post
Share on other sites
raymac46

I read today that some companies like Foxconn, Pegatron and Compal are planning to move production (mostly Apple stuff) out of China. So things might be changing a bit.

  • Like 2
Link to post
Share on other sites
V.T. Eric Layton
On 11/24/2020 at 12:05 PM, securitybreach said:

Yeah, everything is manufactured in China

 

Or, BY Chinese owned companies somewhere in the Far East.

  • Agree 2
Link to post
Share on other sites

My router had a firmware update available dated 1029. makes me think that they knew about things before publication.

Oddly, the firmware was applied without the router losing it's functionality.

 

  • Agree 1
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...