Hackers have created a new tactic involving home routers in phishing attacks. This is extremely worrying for cybersecurity experts, as 64% of users have WiFi routers in their homes, and 1 in 6 do nothing to protect them, says VPN service provider NordVPN.
Attackers hijacked poorly protected routers and changed their settings. Once done, they could redirect users to a fake webpage that displayed a message, allegedly from the World Health Organization, asking them to download an app offering information about Covid-19.
The application would then function as an information thief and upload the stolen data to the hackers’ servers.
“This attack affected nearly 1,200 users who were not adequately protecting their home Internet. According to our research, many users do nothing to protect their smart devices, so the situation could happen again in the future if user habits don’t change, ”said Daniel Markuson, cybersecurity expert at NordVPN.
What are the dangers of hacking a WiFi router?
- Unwanted users. While this does not necessarily endanger user privacy, it could be quite annoying for many people and reduce the connection speed when an unwanted person is using the network. It becomes even more worrying if unwanted users decide to do something illegal, like shopping on the dark web or streaming pirated content.
- Spy on Internet traffic. A WiFi router typically provides an Internet connection to all smart devices in a household, including phones, laptops, smart TVs, and speakers. So if a router is hacked, it gives access to all traffic on the user’s network from any connected device, and an attacker can see anything you are doing online (from shopping to typing of your bank details).
- Take control of user’s internet activity. In a man-in-the-middle attack, a cybercriminal places their device between a victim’s device and the WiFi router. This allows hackers to secretly control user traffic, potentially redirecting them to a malicious site that trick users into entering their credentials or bank details.
- Redirection to malicious and phishing websites. To redirect a user, attackers can perform a DNS hijack. This is a type of cyber attack when the router settings are changed to redirect users to websites that trick them into disclosing personal information or to malicious websites that download malware to their device.
What can be done to protect home Wi-Fi networks?
“When it comes to hacking into computers or phones, the dangers seem clear to most people. However, WiFi routers do not store any information, so users pay little attention to protecting it. And that is why they are increasingly becoming the target of hackers, ”said Markuson.
The least you can do to protect your home router is to change your router’s default password. After that, you can turn off SSID (WiFi network name) broadcasts. If you hide your SSID, your home Wi-Fi name will not appear in the list when someone tries to connect. Instead, they’ll have to connect manually by typing in your home Wi-Fi name and password.
That way, a potential intruder will have to know the exact name of your home Wi-Fi as well as the password, he said.
Finally, install a VPN on your router, Markuson advised. A VPN will encrypt traffic on every device connected to your home WiFi. It scrambles all of your online data, making it complete gibberish for hackers trying to intercept your network.
Read: Buying corpses and other insurance scams hit South Africa