Walmart-exclusive router and others sold on Amazon & eBay contain hidden backdoors to control devices

Jung

???
Premium
14,220
2,489
637
In a collaboration between CyberNews Sr. Information Security Researcher Mantas Sasnauskas and researchers James Clee and Roni Carta, suspicious backdoors have been discovered in a Chinese-made Jetstream router, sold exclusively at Walmart as their new line of “affordable” wifi routers. This backdoor would allow an attacker the ability to remotely control not only the routers, but also any devices connected to that network.

CyberNews reached out to Walmart for comment and to understand whether they were aware of the Jetstream backdoor, and what they plan to do to protect their customers. After we sent information about the affected Jetstream device, a Walmart spokesperson informed CyberNews: “Thank you for bringing this to our attention. We are looking into the issue to learn more. The item in question is currently out of stock and we do not have plans to replenish it.”

Watch the video below to hear directly from Sasnauskas, Clee and Carta about how they discovered the backdoors and what it means for everyday consumers:

Besides the Walmart-exclusive Jetstream router, the cybersecurity research team also discovered that low-cost Wavlink routers, normally sold on Amazon or eBay, have similar backdoors. The Wavlink routers also contain a script that lists nearby wifi and has the capability to connect to those networks.

We have also found evidence that these backdoors are being actively exploited, and there’s been an attempt to add the devices to a Mirai botnet. Mirai is malware that infects devices connected to a network, turns them into remotely controlled bots as part of a botnet, and uses them in large-scale attacks. The most famous of these is the 2016 Dyn DNS cyberattack, which brought down major websites like Reddit, Netflix, CNN, GitHub, Twitter, Airbnb and more...






 
  • 2Helpful
  • 1Like
Reactions: 2 users

BeautifulSniper

Lovely and deadly
1,076
610
136
We have also found evidence that these backdoors are being actively exploited, and there’s been an attempt to add the devices to a Mirai botnet. Mirai is malware that infects devices connected to a network, turns them into remotely controlled bots as part of a botnet, and uses them in large-scale attacks. The most famous of these is the 2016 Dyn DNS cyberattack, which brought down major websites like Reddit, Netflix, CNN, GitHub, Twitter, Airbnb and more...
I'm actually impressed.
 

MisterFister

There's a very good chance that I don't care.
3,458
5,089
257
Its a conspiracy?
lol....of course not. Are you one of those nutters? Big business and governments don't work in concert to increase their market share and increase their power and control, silly.
 
  • 1LOL
Reactions: 1 user