
The Silicon Review Asia

Pwned MikroTik Routers Eavesdrop On Network Traffic


Another day, another hack!

It has been just a month since news broke of a crypto-mining malware campaign that compromised more than 200,000 MikroTik routers. Now another report is causing alarm.

Chinese security researchers at Qihoo 360 Netlab have recently found that more than 7500 routers were compromised and are actively eavesdropping on the network traffic of their targets.

The vulnerabilities in the MikroTik routers, exploited by the CIA Vault 7 hacking tool called Chimay Red, are the Winbox vulnerability (CVE-2018-14847) and the Webfig remote code execution vulnerability. Winbox and Webfig are both RouterOS management components, and they communicate over ports TCP/8291, TCP/80, and TCP/8080. Winbox was designed for Microsoft Windows; its vulnerability allows attackers to bypass authentication and read arbitrary files on the pwned routers.

As a safety move, vendors have rolled out security updates to close the loophole. But according to the researchers, a large number of MikroTik routers are still vulnerable to CVE-2018-14847. Victims of the malware campaign are spread across several nations: Russia, Iran, Brazil, India, Ukraine, Bangladesh, Indonesia, Ecuador, the United States, Argentina, Colombia, Poland, Kenya, Iraq, and a few more European and Asian nations, with Russia being the most affected.

If you think your router may be affected, the best way to protect yourself is to PATCH. It is highly recommended that users update their MikroTik routers and check whether the HTTP proxy, Socks4 proxy, and network traffic capture functions are being maliciously exploited.
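One way to run the check recommended above is to audit the text output of the router's `/export` command for the three features named. This is an added example, not code from the article or from MikroTik; the sample export, its port numbers and the 203.0.113.7 address are constructed, and the function names are hypothetical.

```python
import shlex

# Constructed `/export` sample, not from a real device (203.0.113.7 is a documentation address).
SAMPLE_EXPORT = """\
/ip proxy
set enabled=yes port=8080
/ip socks
set enabled=yes port=4153
/tool sniffer
set filter-interface=all streaming-enabled=yes \\
    streaming-server=203.0.113.7
"""

# Menu path -> (property, value that needs review, explanation)
CHECKS = {
    "/ip proxy": ("enabled", "yes", "HTTP proxy is enabled"),
    "/ip socks": ("enabled", "yes", "SOCKS proxy is enabled"),
    "/tool sniffer": ("streaming-enabled", "yes", "packet capture is streamed off-box"),
}

def parse_export(text):
    """Return {menu_path: {property: value}} from the `set` lines of an export."""
    text = text.replace("\\\n", " ")  # join lines continued with a trailing backslash
    settings, menu = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("/"):
            menu = line
        elif menu and line.startswith("set "):
            for token in shlex.split(line[4:]):
                key, sep, value = token.partition("=")
                if sep:
                    settings.setdefault(menu, {})[key] = value
    return settings

def audit(text):
    """List (menu, reason, detail) findings for the three features to check."""
    settings = parse_export(text)
    findings = []
    for menu, (prop, bad, why) in CHECKS.items():
        props = settings.get(menu, {})
        if props.get(prop) == bad:
            detail = props.get("streaming-server") or props.get("port", "")
            findings.append((menu, why, detail))
    return findings

if __name__ == "__main__":
    for menu, why, detail in audit(SAMPLE_EXPORT):
        print(f"REVIEW {menu}: {why} {detail}".rstrip())
```

A finding means the feature is switched on, not that the router is compromised; compare each one against the configuration you intended.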

