July 18, 2022

3501

0

Author: Billie Walden

How to Protect Your Wi-Fi [A Ready-Made Guide]

Everybody knows that a router is a favorite place for all criminals who want to get their hands on data about a specific person. The router is a place through which all network traffic passes without an antivirus checking process.

It turns out that the malware that can settle in the router has a lot of chances to remain unnoticed for as long as possible.

But what exactly can the malware do in the router, and how can you protect it? We will tell you in this article.

Have you heard about Wi-Fi pranks? Learn more here.

What criminals can do with an infected router

1. Create a botnet

The first thing that can happen in case of infection is that the router becomes part of the botnet. This means that your router joins a network of devices that send a lot of requests to a certain site during a DDoS attack. The purpose of such an attack is to bring the load on the site to the maximum value so that it simply stops working.

At the same time, the owner of the affected router observes a decrease in the speed of their internet connection because their router is involved in a DDoS attack. 

Is a DDoS attack dangerous? Read more here.

By the way, in 2021 the most popular malware for routers were Mirai and Mēris. The former occupies a dominant position, since half of all attacks on routers around the world are its work.

Here is some information about each popular malware:

• Mirai has been known since 2016. From Japanese, it translates euphoniously as “future.” However, its true purpose is to take away the future. It attacks not only routers but also IP cameras, various devices, digital panels, and much more. Its source code has been leaked to the network for a long time, but new variants are being added with great speed.
• Mēris – is one of the most dangerous and popular types of malware. It translates from Latvian as “plague.” Here the translation is fully confirmed by its actions. It has already hit thousands of different routers.

All types of malware are here.

2. Steal data

In addition to malware that wants to drag you into committing DDoS attacks, there is malware that is aimed at stealing your data. And this type of malware is more serious and dangerous.

Thousands of bits of your data pass through the internet every day: these are payment card data, passwords from social networks, documents sent via email, and much more. All this passes through the router, and if it is infected the malware will steal them and hand them over to criminals.

The most famous malware from such a group is VPNFilter. It infects routers and NAS servers. Then it collects all the necessary information and disables the router.

3. Substitute sites

The most cunning malware is the one that redirects you from the correct site to a malicious one. Not only can viruses be waiting for you there to attack the PC as a whole, but also cyber criminals who will penetrate your device completely unnoticed by you.

The scheme looks something like this: you enter the URL of a site in the address bar, for example, google.com, and the PC or smartphone sends a request to a special DNS server – all registered IP addresses and their corresponding URLs are stored there. If the router is infected, instead of a legitimate DNS server, it can send requests to a fake one that will respond to the request “google.com” with an IP address of a completely different site – for example, a phishing site.

Read more about phishing here.

The most famous malware from this group is Switcher.

How does malware get into the router?

There are only two main ways to get malware on your router. The first is to find the administrator password. The second is to take advantage of its vulnerabilities.

1. Unfortunately, all the necessary conditions have been created for password detection. First of all, the same administrator password is set on all routers of the same model at the production stage. 

It is important to understand that the administrator password is not a Wi-Fi password, but a password required to enter the router settings menu. If the user leaves these factory settings, then it is very easy to hack it.

By the way, recently router manufacturers became aware of this problem and decided to set a unique password for each device. However, on older models the original settings of the same passwords remain.

2. Vulnerability in the router is a serious security hole for your data on the internet. By the way, the Mēris botnet is based on exploiting vulnerabilities in the router. In addition, over the past two years, several hundred new malware versions have been discovered that exploited the vulnerabilities of the router.

To protect the router and its vulnerabilities, manufacturers release various patches and updates. However, most users still do not know that the router needs to be updated just like other programs.

How to protect your router

After reading the information, you probably have a question: how can you protect your router and secure all your data? To do this, we have prepared some convenient instructions.

1. 1. Visit the router manufacturer’s website for new updates. If an update is available, then be sure to install it on your device. Note that some router models receive updates automatically, but sometimes they need to be installed manually.
2. 2. Come up with a complex password consisting of letters, numbers, and symbols. 

How to come up with a strong password – read our article here.

1. 3. Disable remote access to your router. Such instructions can be found on the manufacturer’s website.
2. 4. Take care to use the correct Wi-Fi setup. That is, come up with a reliable and unique password, turn on data encryption, and turn on the guest network to protect against neighbors.
3. 5. Install a VPN on the router. This way all your traffic will be securely encrypted.

Here is a list of VPN services with a free trial period.