
Drive-by Pharming Security Risk

shermans
Rising Star
Posts: 1,052
Thanks: 27
Fixes: 1
Registered: 07-09-2007

Drive-by Pharming Security Risk

The Times has recently carried an article which reports that probably more than 50% of broadband users are terribly exposed to "drive-by pharming" simply because they have left their modem or router with the default "User name" and "Password" settings - I believe on most broadband routers, both default settings are usually "admin". To read the article, go to http://technology.timesonline.co.uk/tol/news/tech_and_web/the_web/article1415435.ece

The username and password are so easy to change; everyone should take the simple precaution, but most people, like me, never see any point in doing so. Not any more .....
6 REPLIES
Community Veteran
Posts: 4,729
Registered: 04-04-2007

Drive-by Pharming Security Risk

This is the problem that has been highlighted by NetStumblers (WarDrivers) the world over.

Just google wardriving and see what comes up; it's not just the username and password that many do not change, but also the wireless encryption.

It's really up to the router manufacturers to encourage better security, but it comes at the price of easy setup, so they don't.

But you have seeded me with an idea.

Chilly
N/A

Drive-by Pharming Security Risk

NOT just wireless routers either. The Times (I think) reported a "new hack" this week. As I understand it, it works like this...

1) You visit a seemingly harmless web site that installs code on your machine.

2) This code logs into your router (possible if you didn't change the password) and changes the DNS mappings.

3) Next time you type in www.paypal.com the router re-directs you to a site that looks like paypal but is really owned by the bad guys. You do not notice because your browser thinks it's talking to the real paypal site. There you enter your userid and pwd.


Moral - change your router password.
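
An added example, not part of the original posts: a defender-side check for the two conditions described above, a router still on its default login and DNS settings that no longer match what the ISP issued. The settings layout, the resolver addresses and the lookup results are constructed assumptions (documentation address ranges), not values from any real router or site.

```python
import ipaddress

# Default logins to flag; "admin"/"admin" is the pair named in the thread.
DEFAULT_LOGINS = {("admin", "admin")}

def audit_router(settings, isp_resolvers):
    """Return findings for a router settings snapshot (hypothetical dict layout)."""
    findings = []
    if (settings["username"], settings["password"]) in DEFAULT_LOGINS:
        findings.append("default admin login still set")
    expected = {ipaddress.ip_address(r) for r in isp_resolvers}
    for server in settings["dns_servers"]:
        if ipaddress.ip_address(server) not in expected:
            findings.append(f"unexpected upstream DNS server {server}")
    return findings

def mismatched_hosts(via_router, via_reference):
    """Hostnames whose router-path answers share no address with a trusted lookup."""
    suspicious = []
    for host, router_ips in sorted(via_router.items()):
        reference_ips = via_reference.get(host, set())
        if reference_ips and not (set(router_ips) & set(reference_ips)):
            suspicious.append(host)
    return suspicious

# Constructed sample data (documentation address ranges, not real servers).
ISP_RESOLVERS = ["192.0.2.53", "192.0.2.54"]
TAMPERED = {"username": "admin", "password": "admin",
            "dns_servers": ["198.51.100.66", "192.0.2.54"]}
HARDENED = {"username": "admin", "password": "long-unique-passphrase",
            "dns_servers": ["192.0.2.53", "192.0.2.54"]}
# Answers for the same names via the router and via a trusted reference resolver.
VIA_ROUTER = {"www.paypal.com": {"198.51.100.80"},
              "www.example.org": {"203.0.113.10"}}
VIA_REFERENCE = {"www.paypal.com": {"203.0.113.20", "203.0.113.21"},
                 "www.example.org": {"203.0.113.10"}}

if __name__ == "__main__":
    for name, snapshot in (("tampered", TAMPERED), ("hardened", HARDENED)):
        print(name, audit_router(snapshot, ISP_RESOLVERS) or "no findings")
    print("answers differ for:", mismatched_hosts(VIA_ROUTER, VIA_REFERENCE))
```

A mismatch is a lead to investigate rather than proof of tampering, since large sites can legitimately return different addresses to different resolvers.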
shermans
Rising Star
Posts: 1,052
Thanks: 27
Fixes: 1
Registered: 07-09-2007

Drive-by Pharming Security Risk

A friend of mine is very worried about this "drive-by pharming", and therefore has been trying to re-set the hardware default log-in on a BT Voyager 105 modem, but cannot find out how to do it. She raised a ticket because Plusnet supplied the modem, and unfortunately got a very unhelpful reply from support referring her to BT.

As Plusnet was actually the supplier, Plusnet should take responsibility - legally, the privity of contract is between the customer and Plusnet, not between the customer and the manufacturer of the modem, with whom there is no direct legal relationship - that is another story, but I am disappointed at Plusnet's attitude on this occasion, which does not live up to their excellent customer relations reputation.

Perhaps someone from Plusnet would care to comment.

Plusnet was referred in the ticket to the URL which describes the security issue in some detail
http://technology.timesonline.co.uk/tol/news/tech_and_web/the_web/article1415435.ece

Going back to the original problem of changing the log-in details on the hardware, could the answer be that the security risk only applies to broadband ROUTERS and not to broadband stand-alone MODEMS? I am not sufficiently technical to know the answer.
Community Veteran
Posts: 4,729
Registered: 04-04-2007

Drive-by Pharming Security Risk

I suggest that your friend takes a look at the setup guides here:

http://www.plus.net/support/broadband/hardware/index.shtml

PlusNet even have a video tutorial on setting this modem up.

I note that the BT Voyager 105 is a USB modem, not a wireless router.

Chilly
shermans
Rising Star
Posts: 1,052
Thanks: 27
Fixes: 1
Registered: 07-09-2007

Drive-by Pharming Security Risk

Thanks. I will get her to look at that.

But your response seems to indicate that this security risk only applies to routers and not to modems. Is that correct?

Again, thanks for the help.
Community Veteran
Posts: 4,729
Registered: 04-04-2007

Drive-by Pharming Security Risk

That is correct.

Chilly