The Silicon Review
05 September, 2018
Another day, another hack!
It’s been just a month that the news of a crypto-mining malware campaign that compromised more than 200,000 MikroTik routers was out. And now, another report is creating a disturbance.
Chinese security researchers at Qihoo 360 Netlab have recently found that more than 7500 routers were compromised to actively eavesdrop on the targeted network traffic.
Exploited by the CIA Vault 7 hacking tool called Chimay Red, the vulnerabilities in all the MikroTik routers are Winbox (CVE-2018-14847) and Webfig remote code execution vulnerability. With communication ports TCP/8291, TCP/80, and TCP/8080, both Winbox and Webfig are RouterOS management components. Basically designed for Microsoft Windows, Winbox allows attackers to manually configure the pwned routers to bypass authentication and read arbitrary files.
As a safety move, vendors have rolled out security updates to close the loophole. But according to researchers, there is still a numerous number of MikroTik routers that are vulnerable to CVE-2018-14847. Victims of the malware campaign are spread across several nations: Russia, Iran, Brazil, India, Ukraine, Bangladesh, Indonesia, Ecuador, the United States, Argentina, Colombia, Poland, Kenya, Iraq, and few more European and Asian nations with Russia being the most affected.
If you think even your router is affected, the best way to protect yourself is to PATCH. It is highly recommended that users update their MikroTik routers and check if the HTTP proxy, Socks4 proxy, and network traffic capture function are being maliciously exploited.
There is good news for all basketball fans in India. Very soon, NBA themed promotions and experience zones will be launched in India. The announcement...
Dunzo, the app which is trying to make life easier for the people upto some extent plans to raise about Rs. 183 crore from different investors which a...
This event is organised with an aim to provide an opportunity where one and all can experience the developments in the field of defence and security-r...
After Samsung unveiled its new Galaxy A9 smartphone in Singapore last month, the company is all set to launch it in India on November 20. In Singapore...