WELCOME

to the house of Harry Plopper

Although not as large as the number of network vulnerabilities

June 23, 2019 by Catherine Pope Catherine Pope photo

Although not as large as the number of network vulnerabilities described by Netlab 360, it is expected that attacks on vulnerable routers will further increase in frequency over the coming months. "When the majority of the routers are vulnerable, they are going to continue to be exploited," says Kim, who is also a security researcher at Netlab.

The vulnerability exploited in the last wave of MikroTik vulnerabilities was discovered by Netlab 360's Yishan Chen in April. Chen, a professor of computer science and engineering at the Chinese Academy of Sciences and an expert in vulnerability research, first discovered the flaw in the Winbox routers in January. In April, he began to see new problems with the Winbox routers.

According to Chen, several of the Winbox routers were infected with several attacks by malware. "It is very common to see a large number of infected devices," he says, "and there are a lot of security vulnerabilities that are not patched by the operating system. So, it is a really important step in the right direction to fix those bugs." Chen discovered one of the most recent Winbox routers to be vulnerable, which he named "NixOS-X-01".

"What we are seeing is a lot of new code being injected into the Winbox for remote access," he says. "We have seen that the Winbox routers have been infected so that when you install Winbox you will see a bug or two. It is very common to see that Winbox routers are being compromised, especially in Latin America where the government is using them in an attempt to make it easier for the government to control routers."

In the first wave of the NixOS-X-01 attack, Chen discovered that the Winbox routers were infected with "A" and "B" vulnerabilities. These two vulnerabilities were exploited by a malicious code embedded in the Winbox routers that was also exploited in September.

"It is very common to see that Winbox routers have been infected so that when you install Winbox you will see a bug or two. It is very common to see that Winbox routers are being compromised, especially in Latin America where the government is using them in an attempt to make it easier for the government to control routers."

Comment an article