“Attacks which attempt to exploit vulnerabilities of routers are extremely lucrative for attackers,” says Tim Berghoff, G DATA Security Evangelist. “If attackers succeed in exploiting security holes, they are capable of performing manipulations such as changing the DNS settings. This would put criminals in a positions to intercept personal data such as credit card details or login data for online platforms and services. Likewise, there is the risk of premium telephone numbers being dialled without the owner’s knowledge or consent, resulting in high costs for the line owner.” Experts estimate that the attack that has just been discovered is just the tip of the iceberg – more attacks on routers and IoT devices can be expected in the future.
G DATA security expert Tim Berghoff explains the background to the attack in the G DATA SecurityBlog: https://blog.gdatasoftware.com/2016/11/why-hacking-routers-is-worthwhile