Thursday, April 19, 2007
The new frontier for hackers: your router
"Jack's null pointer exploit is effective on the Arm and xScale processors that are widely used in embedded devices, but it does not work on Intel architecture processors used by PCs.
In his demonstration, Jack plans to show how his attack could be used to make changes to the firmware of a router so that it injects malicious code into any executable files downloaded from the Internet. This technique could be used to turn legitimate software updates -- Microsoft's monthly software patches, for example -- into an avenue of attack."
So what routers use these processors? Almost all of the home firewall/router boxes made by D-Link, Netgear, Linksys and other brands. Most modern PDA's and Pocket PC's also use one of these processors.
Nothing like this is in the wild -- yet. But now that the concept is out, you can be sure it will be used sometime in the future. I will be tracking this closely. Best case scenario is that simple firmware upgrades to your router can close off the attack vector. Worst case scenario is that millions of home routers will need to be replaced.
Scary stuff . . . :-/
Posted by Rob S at 5:08 PM