The True Cost of a Low Cost Router

Thinking about buying a low cost WiFI router?

Be careful. Jetstream routers sold exclusively at WalMart, and Wavlink routers sold on Amazon and eBay, contain suspicious back doors that could lead to attackers having the ability to remote control the router and anything attached to it. These Jetstream routers are part of Walmart’s new line of affordable WiFi routers.

Walmart-exclusive-router-and-others-made-in-China-contain-hidden-backdoors-to-control-devices-750x375.jpg

These routers are easily 1/3rd of the price for comparable performing WiFI routers, but that low price comes with a potential high cost – your security. There are back doors built in, remote code execution vulnerabilities, plus a script built into the firmware to perform a network discovery scan – this functionality isn’t documented. We’re not saying that you will definitely get compromised using these routers, but the pieces are in place for it – pieces which have no value to you, but great value to bad actors. We definitely won’t be buying one of these, and anyone who asks, we will point them to something else. 

Both brands are owned by the same company, Winstars Technology. This isn’t a smoking gun by itself, many companies have multiple brands marketed to different channels. The different brand routers appear to be the same of very similar. You should know by now that China requires Chinese companies to store all of their collected data in country, and make it available to the government. 

WHAT SHOULD I DO IF I HAVE ONE OF THESE ROUTERS?

Our advice matches what the cybernews researchers say –

  1. get a new router;

  2. change all your online passwords (assume they’ve been compromised) AFTER you get the new router;

  3. and, destroy the current device so someone else isn’t a victim. I’d also be looking for malware on the computers connected to it as well.

SOURCE: https://cybernews.com/security/walmart-exclusive-routers-others-made-in-china-contain-backdoors-to-control-devices/

Previous
Previous

Medical Centers impacted by ransomware around the U.S.

Next
Next

DIY Security Awareness Training