The Wal-Mart Jet Stream Router has a Nasty Backdoor — What You Need To Know

The Wal-Mart Jet Stream Router has a Nasty Backdoor — What You Need To Know

Chinese routers sold on Amazon, Walmart, and eBay have backdoors in them that are already being exploited by hackers

Senior information security researcher Mantas Sasnauskas and researchers James Clee and Roni Carta, in collaboration with CyberNews, have discovered that the Jetstream routers sold exclusively by Walmart have a backdoor that hackers as well as all devices connected to the network could be remotely controlled

Researchers also found similar backdoors in low-priced Wavlink routers, also made in China and sold on Amazon and eBay

These backdoors essentially allow hackers to gain unauthorized access to virtually closed systems

Once access to a router, whether in the home or office, is gained, the hacker has a pathway to exploit other devices connected to that network And this can be done without the hacker being aware that the hack is taking place

While some router backdoors require physical access, these router backdoors and the hidden administrator-level user interface for them can be accessed remotely from across the Internet This hidden interface is different from the standard administrator interface accessible to authorized users on the local network

Once hackers reach this user interface, they can discover the router's user name and password by inspecting the HTML code of the administrator page If that information is found in the page's JavaScript, the hacker will have the information needed to log into the administrator controls and gain remote access to the router

"We have also found evidence of active exploitation of these backdoors, with attempts to add devices to the Mirai botnet Mirai infects devices connected to the network, turning them into bots that are remotely controlled as part of a botnet, which can then be used to launch large-scale malware that is used in large-scale attacks," CyberNews explains

The Mirai botnet is one of the largest in the world It is essentially a massive network of routers and other "Internet of Things" devices that can be used for large-scale cyberattacks, from spreading malware to executing distributed denial-of-service (DDoS) attacks In 2016, it took down a lot of Internet access on the East Coast of the United States Mirai botnet

In short, the fact that these backdoors are being placed in routers that are positioned as affordable devices, devices that could be sold in large numbers, means that many people could be victims of cyber attacks, which is quite alarming This is quite alarming

When CyberNews contacted Walmart to learn more about the problem, the retailer said it was investigating the issue and that it no longer had any affected Jetstream routers in stock and had no plans to restock However, that still means that a huge number of routers are still out in the wild and may contain active vulnerabilities

This is because Internet service providers tend to have backdoors in the routers they provide to their customers for remote diagnostics and updates

However, Winstars Technology Ltd, to which the Jetstream and Wavlink bands belong, is not an ISP

The fact that this backdoor leads to a user interface accessible via the Internet means that these vulnerabilities can be exploited fairly easily by hackers with knowledge of backdoors This knowledge first surfaced in April, when CyberNews and researchers discovered that backdoors were being actively exploited

One might also wonder why such backdoors exist in two seemingly different routers The researchers found that they are manufactured by the same company based in Shenzhen, China, and that the Jetstream model is effectively a white-label version of the Wavlink router (As of this writing, the Wavlink router, which sells for $3699, is Amazon's Choice )

These security issues are a problem with cheaper routers, where quality control and security firmware testing may not be done as well as with more expensive routers

If you have one of these Jetstream or Wavelink routers, your best bet is to remove them Currently, there does not appear to be a firmware fix for the backdoor

Unfortunately, this is one of those cases where you pay the price you pay We suggest trying to buy the best router you can afford

However, we also recommend that you check out our selection of the best Wi-Fi routers Also, don't forget to change your admin password so that hackers can't get lucky guessing your common admin password

Categories