Home
 » ISP News » 
Sponsored Links

Is it the ISPs Fault if Your Home Broadband Router Gets Hacked?

Tuesday, Mar 11th, 2014 (2:49 pm) - Score 5,679
security_broadband_isp_routers

As consumers we have a right to be huffy at our ISPs when something goes wrong. But is the Internet provider still to blame if, as in the recent cases of AAISP and now PlusNet, your home broadband router ends up being hijacked by a DNS redirection exploit?

Last week ISPreview.co.uk carried word that more than 300,000 home broadband routers, albeit mostly in Vietnam, had been infected by a new Domain Name System (DNS) redirection exploit. This effectively hijacks the routers / your website requests and redirects the traffic to phishing servers that could be used to steal the owners personal information (here).

Shortly thereafter it emerged that some of AAISP’s customers in the United Kingdom had also been hit by a related exploit, which had changed the DNS settings on their routers to untrustworthy servers (199.223.215.157 and 199.223.212.99). The ISP wisely spotted the activity by logging when customers tried to access the aforementioned IP addresses and then contacting related users.

Meanwhile an article on The Register has just confirmed that customers of BT’s sibling ISP, PlusNet, have also been suffering from the same problem. No doubt they won’t be the only ones.

A Spokesperson for PlusNet said:

Since last week, we’ve seen an increase in the amount of malicious DNS traffic being directed through to Plusnet IP ranges.

It appears that some of our customers, (and no doubt a number of other people out on the internet) running TP-Link, Linksys and Edimax routers have been compromised due a vulnerability which appears to allow the allocated DNS server in the router to be changed.

This means requests to domains like Facebook or Google are being redirected on ALL devices behind the router to a website which contains a malicious payload disguised as a Flash update.”

PlusNet also clarified that the routers they provide aren’t vulnerable to the hijack, which means that the issue is hitting subscribers that own third party kit (i.e. not ISP supplied). The earlier reports also indicated that most of the vulnerable kit tended to be end-of-life routers that were no longer receiving firmware updates and thus weren’t being patched against modern flaws.

Admittedly if it was the ISPs own hardware at fault then they would inevitably need to accept some responsibility for resolving the problem. But in this instance some customers have been quick to blame their Internet provider and often without realising that the fault rests with their own hardware and not the provider.

In the land of Internet provision the lines of responsibility are often blurred by a fog of technical jargon and or a simple lack of knowledge, which can lead some consumers to incorrectly apportion blame to the wrong recipient. At the same time ISPs do still have a responsibility to ensure that they don’t allow their customers and network to become hubs for bad traffic, thus the question is often – where do you draw the line?

Ultimate responsibility for problems like this should reside with the end-user, which could involve replacing or patching the device to ensure that the issue does not re-occur. In other cases it may also be possible to add a firewall rule that could block an attack vector used by the exploit but these tend to vary and may not be a lasting solution.

However ISPs can also do their bit by keeping an eye out for bad traffic and notifying related customers when spotted, ideally alongside some constructive advice rather than a “Oh noes.. you’ve been hacked! Goodbye” style response. But we shouldn’t be expecting ISPs to do everything for us.

Share with Twitter
Share with Linkedin
Share with Facebook
Share with Reddit
Share with Pinterest
Mark-Jackson
By Mark Jackson
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England), he also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments. Find me on X (Twitter), Mastodon, Facebook and .
Search ISP News
Search ISP Listings
Search ISP Reviews

Comments are closed

Cheap BIG ISPs for 100Mbps+
Community Fibre UK ISP Logo
150Mbps
Gift: None
Virgin Media UK ISP Logo
Virgin Media £24.00
132Mbps
Gift: None
Shell Energy UK ISP Logo
Shell Energy £26.99
109Mbps
Gift: None
Plusnet UK ISP Logo
Plusnet £27.99
145Mbps
Gift: None
Zen Internet UK ISP Logo
Zen Internet £28.00 - 35.00
100Mbps
Gift: None
Large Availability | View All
Cheapest ISPs for 100Mbps+
Gigaclear UK ISP Logo
Gigaclear £15.00
150Mbps
Gift: None
YouFibre UK ISP Logo
YouFibre £19.99
150Mbps
Gift: None
Community Fibre UK ISP Logo
150Mbps
Gift: None
BeFibre UK ISP Logo
BeFibre £21.00
150Mbps
Gift: £25 Love2Shop Card
Hey! Broadband UK ISP Logo
150Mbps
Gift: None
Large Availability | View All
The Top 15 Category Tags
  1. FTTP (5473)
  2. BT (3505)
  3. Politics (2525)
  4. Openreach (2291)
  5. Business (2251)
  6. Building Digital UK (2234)
  7. FTTC (2041)
  8. Mobile Broadband (1961)
  9. Statistics (1780)
  10. 4G (1654)
  11. Virgin Media (1608)
  12. Ofcom Regulation (1451)
  13. Fibre Optic (1392)
  14. Wireless Internet (1386)
  15. FTTH (1381)

Helpful ISP Guides and Tips

Promotion
Sponsored

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms , Privacy and Cookie Policy , Links , Website Rules , Contact
Mastodon