Why do companies use multiple domains? Why can’t they stick to one
Linksys forces password reset for Smart Wi-Fi accounts after router DNS hack pointed users at COVID-19 malware
Router biz Linksys has reset all its customers' Smart Wi-Fi account passwords after cybercrims accessed a bunch and redirected hapless users to COVID-19 themed malware. The mass reset took place after all user accounts were locked on 2 April, following infosec firm Bitdefender revealing that malicious persons were pwning …
COMMENTS
-
Wednesday 15th April 2020 20:13 GMT Down not across
Another "Smart" something turning out to be less so
And this is why you don't allow anything external to configure your network. At least with the likes of Ubiquiti (not that they are without their own foibles) offer the choice of running AP controller, NMS, etc locally if you don't like the idea of using their cloud version.
-
Thursday 16th April 2020 00:27 GMT Pascal Monett
"telling users to download and install an application that offers instructions"
So there are still people who believe you need to download something to get information and instructions.
We're in the 3rd millennium. Instructions are a URL away, via HTTP. There is no need to download anything.
I was going to rant about people's stupidity, but then I realized that, if people didn't get taken in by such obvious ploys, then scammers would be intelligent and I would be at risk of falling for it.
So my security demands that idiots continue to fall for such obvious ploys.
-
Thursday 16th April 2020 15:53 GMT paulll
Re: "telling users to download and install an application that offers instructions"
"We're in the 3rd millennium. Instructions are a URL away, via HTTP. There is no need to download anything."
Obviously, but here in the 3rd millennium, thanks to data capitalists, we have a Facebook app, a youtube app, an instagram app, an app for your tv channel, gawd knows what else these people have on their phones. So it probably doesn't seem remarkable to them, let alone as confusingly stupid as it does to you or me.
-
-
-
Thursday 16th April 2020 11:52 GMT Anonymous Coward
Re: Password Reset???
"Some people use same password on both the router and company website login:-)"
In my experience, many users use the same password EVERYWHERE, despite being advised not to do it repeatedly.
As the saying goes, the irony of the phrase Common Sense, is that it isn't very common. Increasingly less common every day by the looks of it. :-(
-
-
Thursday 16th April 2020 09:43 GMT Anonymous Coward
Surprise, surprise!!
Last year I bought one of these WiFi routers.
*
Warning signs: the only EASY way to configure the router was to set up a Linksys "cloud account". It took two days and lot of research to find out how to configure the device the old fashioned way: laptop, CAT-5 cable, router....and NO INTERNET ACCESS.
*
Once the pain was over I did a factory resent on the router, packed it back in the box, and gave it to the local charity shop. SEP!!
*
Why would Linksys (aka Belkin) provide the ability for a user to (re)configure a router from Bondi Beach? When (as this article clearly shows) anyone at Linksys, and any hacker getting into Linksys, can also (re)configure the router? To paraphrase Nike "Just DON'T do it!".
-
Friday 17th April 2020 20:05 GMT Anonymous Coward
Re: Surprise, surprise!!
Oh, yes....this Linksys crap has been going on since (at least) 2014.......six years worth of end users exposed to a nasty heck. Here's the solution....posted six years ago:
- http://jeramiah.net/2014/01/it-doesnt-matter-what-you-think-setting-up-the-linksys-ea6900/
-
Tuesday 21st April 2020 22:27 GMT Anonymous Coward
I would love to have been a fly-on-the-wall in that meeting
When they decided that a cloud configurable router was something customers wanted
I wonder what data they can get their grubby hands on in this environment carte blanche
Either that, or another route to planned obsolescence, after all, a service needs to be active for this to be viable, I hope its not a requirement