Top new - Bkav Corporation

Do your best, the rest will come !

1.4 million routers worldwide vulnerable to Pet Hole

12:26:00 | 23-04-2015

Full research: 1.4 million routers worldwide vulnerable to Pet Hole

Mountain View, Calif., April. 22, 2015 – Bkav Internet Security Corporation today releases an independent research which indicates 1.4 million routers worldwide are left unpatched against two long unearthed critical flaws. Dubbing it Pet Hole, Bkav says the issue is more dangerous than Heartbleed, the most notorious flaw of the year 2014.

Several security flaws in routers have been discovered and published widely. Many of them, rated critical, allow attackers to remotely take control of the system. However, no thorough fix has been made available, not to mention updating patches for routers is inherently much harder than updating software. Several users' routers might have not been patched at all. This inspired Bkav to conduct a research to examine security of 10,452,216 potentially vulnerable routers worldwide, and to provide users with a thorough and simple fix for the issue.

Pet Hole

Below are the key findings of the research, which was carried out in 4 months from December 2014:

- More than 1.4 millions of routers worldwide are vulnerable to Pet Hole

- Indonesia, Egypt, Italy lead in number of vulnerable routers

- Most G8+5 members do not appear in the list of 10 countries with highest number of vulnerable routers

- More than 90% of vulnerable routers are homed in China

- China produces most but not many routers in this country are vulnerable

The research also indicates that Pet Hole is even more dangerous than Heartbleed. While Heartbleed requires expert knowledge in security to be successfully exploited, Pet Hole exploitation only needs basic skill. While it's easy to patch Heartbleed, patching Pet Hole is complicated. According to Bkav, with a few basic instructions, even users with little knowledge in security might successfully attack a vulnerable router without any difficulties.

User being attacked via critical flaw in router

Mr. Ngo Tuan Anh, Vice President of Internet Security, Bkav Corporation, stated: "Router is like the door connecting users to the Internet. More than 1.4 routers are vulnerable is not at all simple, especially when approaching the issue from nations' security. If a nation has conspiracy to track other nations, it can totally carry out the scheme via this gateway."

Bkav has built a tool for users to check the existence of Pet Hole on their routers, as well as to fix the hole. The tool is available at CheckRouter.net.

You can download the full research here.

Bkav

Others

The DEEP#GOSU virus campaign takes advantage of Google Docs and Dropbox to attack Windows users

LockBit ransomware virus attacks Windows Domain servers in Vietnam

5 million websites are at risk because of vulnerabilities in WordPress' LiteSpeed

Warning: using AI to create fake images and voices to scam money

Bug in Microsoft Outlook allows hackers to steal information and take control of devices

OPSWAT and Bkav signed a strategic partnership

Summary of cybersecurity in 2023 and forecast for 2024

Warning: Many Elknot virus variants appear targeting Vietnamese Linux servers

Bkav launches Bkav Pro 2024 with the orientation of expanding the global market

Applications impersonating government agencies to spread viruses on Android are highly active in Vietnam