Blog

Hackers Invade Cisco Routers

Hackers Invade Cisco Routers

Q: Hi Sergio. Is it true that malware has been added to some of the CISCO routers used in business networks?

That is true.  They have been found in routers distributed in several different countries.  The reason this is so problematic, is that even when you restart the router, the firmware/malware is still present.  It is very difficult to detect and more difficult to remove.

Q: What models of CISCO routers have been infected?

The CISCO router numbers 1841, 8211 and 3825 are the ones that have been affected.  These are considered integrated services routers, usually utilized in a business application.  They are currently no longer being sold.

Q: Is it true that some home and small business office wireless routers have also been compromised?

Yes.  There are estimates that over 300,000 devices have been affected.  These include some models of D-Link, Micronet, Tenda and TP-Link.

The most common risk is that these affected routers can potentially redirect devices connected to them to malicious websites. This is particularly troublesome for businesses that have multiple computers and devices connected to their network, because it can exploit security flaws inherent in many routers, thereby opening up the users to malware.

Consciat

+1 (954) 874-9093

contact@consciat.com