VietNamNet Bridge – More than 200,000 home and business network devices in Vietnam are vulnerable to “Misfortune Cookie”, through which hackers can watch users’ operations and hijack devices from a distance, according to BKAV, the Vietnamese leading internet security firm.
This is only a portion of the more than 12 million devices suffering from vulnerability as reported by Checkpoint.
The hole lies in the RomPager web server, developed by AllegroSoft, often embedded in firmware for routers, modems and gateway devices of most of the leading manufacturers in the world.
The HTTP server provides a friendly web-based interface for users to configure the devices.
According to BKAV, the vulnerability in embedded web server exposes millions of routers to hacking, and all the versions of RomPager prior to 4.34 bear the flaw “Misfortune Cookie”.
On a map showing the effects caused by Misfortune Cookie globally, Vietnam is shown at a 4/5 level, with 200,000 devices containing the bug.
Misfortune Cookie can be exploited by sending a special request to RomPager server, causing an error to the gateway device’s memory, changing the status of the apps and the systems, then tricking the devices into providing administration right to the hackers.
As such, hackers can take over the device admin, which allows them to attack any other devices of the same network.
After that, hackers can track down the victims’ browsing history, read documents under the mode of plain text transmitted via the devices, change the DNS configuration and steal important information.
They can also regulate or watch webcams, computers or any other devices accessing the network.
BKAV, quoting Checkpoint’s report, said that at least 200 models of gateways and routers for home and office of well-known brands such as D-Link, Edimax, Huawai, TP Link, ZTE and ZyXEL contain Misfortune Cookie.
Vice president of BKAV, Ngo Tuan Anh, said the serious problem not only affects routers, modems and other gateway devices, but also any device that relates to it, including computers, tablets, printers and smarthome devices, such as a refrigerator and security camera.
Once routers contain the vulnerability, all the other devices of the same LANs will be exposed to attacks.
To date, no attack through Misfortune Cookie has been reported in Vietnam, according to Anh.
He confirmed that BKAV has examined some network devices bearing the TP Link brand and found Misfortune Cookie.
Buu Dien