Irene ❤ původně napsal:

potato původně napsal:

what do you think firmware is

A firmware is not an operating system. It's just a simple config page for you to change IP and things.

Can we bring the router to a new place, connect to new computers and spread virus? It's impossible.

Unless the infected computer is connected, then it reads all the network ID in that router and spread virus to them. But that is not the router spreading virus, it is the infected computer.

Firmware is code that tells hardware how to operate be it a disk drive, printer, router or even a motherboard. It is basic code, but has the information needed to run.

You are right that infected computers can infect other computers on the network, but there are some that can infect the network hardware to allow others access to the network for other nefarious deeds.

Fajita Jim původně napsal:

Lots of misinformation in this thread.

https://www.pcguide.com/router/can-routers-get-viruses/

I don't really care if they can or not

Braiboo99 původně napsal:

Can a virus on a tablet, phone or PC infect a internet router and spread to other devices on that network or is it rare?

It would be extremely rare.

It's not that it can't, it's that it's not something that is normally targeted because there are easier ways to get access to what the malware creator wants if they've already got something installed on an infected system.

Somehow "infecting" the actual router would require flashing its bios with an altered version or, in the case of some multifunction unit, altering some client-side stuff.

In the US, ISPs are regulated to keep firmware updated to the latest compatible version with their systems. They flash your router's bios without you even being aware of it, updating it with whatever version, etc. (Their systems or "supported routers.") Or... not. Some ISPs don't do it often enough. But, in any case, they know what you're running and what version it is and what its supposed to be doing. They have to. If someone infected your firmware, their extraordinary efforts would likely be squelched the next time the ISP checked or updated it. So... that's a lot of effort and exposure just to have something sit there for a week.

So, why infect? Sure, they'd bypass all your client-side stuffs, more or less, but... if they could do that then you're already screwed and you've got someone spending a lot of effort just.... on you. Got any agry ex'es? In a divorce? Did you torque someone off you shouldn't have? If they could get that close to you and get inside your hardware, you're already borked and may as well call the Feds.

Having your router co-opted/cracked is possible, but most routers aren't set up to give admin access to points outside of the LAN. Your ISP only accesses their routers like that, not customer-supplied ones. (That does not mean a bad-actor at your ISP can't/won't do it- It's happened.)

Today, though, some ISPs are going to web-enabled settings with their supplied routers and customer accounts. Why? Maintenance, troubleshooting, and activity scraping... Depending upon what someone wanted, they may just go after that.

Flashing your router's bios is not something that's lightly done. I'd think somehow corrupting that process and injecting some firmware code would be an extraordinary targeted project for a non-state actor. But... there could be all sorts of freebie stuff out in the shadows that might let your neighbor's kid do it. :)

Note: Changing your router's settings isn't exactly "a virus." So, it's possible for someone to gain local access privileges on your side, maybe using malware, login to your router, and change its settings. Why? Heck, I dunno. And, yes, malware can spread to other systems on a network if that is its intent. It may take more than just an install on one system, though - Unless set up for it, computers don't like receiving unrequested connections.

PS: I am not 1337hackerman. Check your own stuffs or get your ISP to help. :)

It can if you install a 3rd party firmware that has a viruse.

Not only is it possible, it's a very old trick.

Source: ArsTechnica (Jun 28 2022) -- https://arstechnica.com/information-technology/2022/06/a-wide-range-of-routers-are-under-attack-by-new-unusually-sophisticated-malware/

Source: PCMag (May 23 2018) -- https://www.pcmag.com/news/malware-that-can-brick-wi-fi-routers-hits-500000-devices

Source: ComputerWorld (Aug 10 2014) -- https://www.computerworld.com/article/2491042/home-routers-supplied-by-isps-can-be-compromised-en-masse.html

As for the firmware being targeted, routers are essentially computers with a very limited scope of function capabilities handled through processor chips. The processors handle all data the same way by design, so it won't know the difference between malware and a streaming video. Someone mentioned ISPs using security updates, and that's true... unless the malware incorporates a permanence module.

Source: Sucuri (Sep 18 2020) -- https://blog.sucuri.net/2020/09/the-hidden-php-malware-that-reinfects-cleaned-files.html

Hit an ISP with a webserver PHP trojan, and any updates would only reinfect the network.

8 gubed původně napsal:

Braiboo99 původně napsal:

How rare if you don't mind me asking?

Extremely unlikely. To the point where the only realistic chance you get hit with router malware is if you piss a hacker off

Or China...

Yes... it can even infect you mouse, keyboard, cpu, graphics card, and rgb lights, or your mind if you wear headphones.

Wynters původně napsal:

8 gubed původně napsal:

Extremely unlikely. To the point where the only realistic chance you get hit with router malware is if you piss a hacker off

Or China...

China's nothing compared to Israel's Stuxnet. Now THAT was the stuff of nightmares.

🍋 Lemonfed 🍋 původně napsal:

some malware might target some vulnerabilities in the most popular router models

I laughed a bit because hackers would target most popular models, So a no name router nobody has heard of might be more secure.

All i do is have automatic updates on, Set to when I'm usually asleep.

Ghost Robertson původně napsal:

🍋 Lemonfed 🍋 původně napsal:

some malware might target some vulnerabilities in the most popular router models

I laughed a bit because hackers would target most popular models, So a no name router nobody has heard of might be more secure.

All i do is have automatic updates on, Set to when I'm usually asleep.

so can I sue telcomes that force me to use their router, because they're inducing a vulnerbaility into my network and failing their responsibilities to police themselves?

No? not a real solution then is it.

not even a response to reality, arguably.

No, because of biology. Routers are not made of organic material - they're made from synthetic material.

permanent name původně napsal:

so can I sue telcomes that force me to use their router, because they're inducing a vulnerability into my network and failing their responsibilities to police themselves?

No? not a real solution then is it.

not even a response to reality, arguably.

No one forces you to use any router, You can buy an Asus or Netgear or any brand you want.

Ghost Robertson původně napsal:

permanent name původně napsal:

so can I sue telcomes that force me to use their router, because they're inducing a vulnerability into my network and failing their responsibilities to police themselves?

No? not a real solution then is it.

not even a response to reality, arguably.

No one forces you to use any router, You can buy an Asus or Netgear or any brand you want.

are those fiber?

is my telcom going to accept some bootleg modem I slapped into their network? obviously not.

so I'm still going to have the same vulnerabilities, but with a smaller pool of no doubt more-enthusiastic obsessives.

permanent name původně napsal:

are those fiber?

is my telcom going to accept some bootleg modem I slapped into their network?

Yep, Fiber.

I'm on a 300Mbps/100Mbps connection and when i get a new router every now and then i set it up.

They did give me a free one but i took one look at it's spec's and brought a much better one.