Browser Security News

Hackers armed with a Web browser and a rigged SWF (Shockwave) file can fire code execution exploits at most modern Wi-Fi routers, according to a warning from researchers at the GNUCITIZEN think-tank. The researchers, Adrian Pastor and Petko D. Petkov (pictured left), have found an easy way to use Shockwave files embedded on Web pages to silently launch a four-step attack to take control of any router that use the UPnP protocol.

In an interview over IM, Petkov said the attack would work against "99 percent of all routers" running around the world. "Using what we know, it is trivial to construct a massive router botnet," Petkov declared. Cisco - Using a Browser, Hackers Can Hijack Wi-Fi Routers - Ryan Naraine’s Security Watch