31
top 4 comments
sorted by: hot top controversial new old
[-] wesker 4 points 9 months ago* (last edited 9 months ago)

Wondering if this can affect routers running custom firmware as well, such as AdvancedTomato.

[-] kid@sh.itjust.works 10 points 9 months ago

In this particular case, the method of infection of the router was not disclosed. However, typically, the most common methods involve an open administration port to the internet (user interface or TR-069) or through the internal interface, in case a network host has been compromised.

They often perform brute-force password attacks, and once access is obtained, they look for typical Linux administrative tools (such as bash, etc.) and proceed to compromise the router.

So I understand that a router with custom firmware can be compromised if it has a weak password and resources to maintain the infection, or of course, a vulnerability that is exploitable.

[-] qprimed@lemmy.ml 2 points 9 months ago

typically, these old soho routers use ancient firmware with multiple known vulns. add to that the silly practice of opening the management ports to the public internet, and you have a potential disaster.

if your older hardware is capable of running an open source, maintained OS build, then do it. added functionality plus updated protection keeps these devices useful and out of landfills.

[-] Synnr@sopuli.xyz 4 points 9 months ago

No mention of the affected models?

this post was submitted on 26 Mar 2024
31 points (100.0% liked)

Cybersecurity

5855 readers
122 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 2 years ago
MODERATORS