It’s difficult enough for traditional media such as newspapers to attract and keep readers, but the next time Política Estadão tries to boost its circulation, it may face uncomfortable questions about how it will protect its subscribers’ home routers from hackers.

According to a blog post from Fioravante Souza, a researcher with website security firm Sucuri, visitors to the Brazilian newspaper’s website were recently confronted with a series of iFrames that were loaded on the home page. These iFrames would then run a script that would attempt to identify users’ IP addresses, then guess the most common default passwords to change the configurations of their DSL home router.

Attacks on Home Routers Not Uncommon

This incident with Política Estadão is not the first of its kind. In fact, on Sept. 2, Fabio Assolini, senior security researcher for Kaspersky Labs, provided a detailed report on a similar series of attacks. In this case, hackers used emails that tricked consumers into clicking on a link that took them to websites resembling those of Brazilian banks. The sites ran scripts that attempted to change Domain Name System home router settings and access financial credentials. Assolini wrote that he expects this approach to spread quickly in Brazil as the number of victims increases.

An analysis of the Política Estadão attack on ThreatPost points out that iFrames are by no means a new form of attack vector and that home routers in particular are often targeted due to perceived weak security settings. For example, these devices may not be patched as often as similar equipment in the enterprise. What’s worse, the increasing number of devices that may be accessing the Internet to provide more advanced services in so-called “smart homes” might only serve to exacerbate the problem. The MIT Technology Review recently looked at the vulnerabilities around IP-connected TVs, printers and remote storage devices, among other possibilities.

Security Practices Vital

Fortunately, consumers don’t have to do much to avoid the most dire consequences of these attacks. While eWEEK showed research as far back as 2008 that home routers could be open to hackers, the potential fixes include developing passwords stronger than simply “admin,” disabling JavaScript and/or play options in browser settings and, of course, never clicking on suspicious links in emails or on websites. Script blockers such as NoScript and NotScripts may also be worth considering.

Who’s Worried About Home Network Security?

Given how much corporate work gets done at home, it may be time for chief security officers to ensure employees are well-educated on these types of security practices. Organizations such as Política Estadão could also take on a security-based mission as an act of public-service journalism. After all, people expect to get bad news in the newspaper sometimes, but no one wants to end up being part of this kind of story.


Image source: Wikimedia Commons

More from

Beyond Requirements: Tapping the Business Potential of Data Governance and Security

3 min read - Doom and gloom. Fear, uncertainty and doubt. The "stick" versus the "carrot". What do these concepts have in common? They have often provided the primary motivation for organizations’ data governance and security strategies. For the enterprise, this mindset has perpetuated the idea that data governance, data security and data privacy are reactive cost centers existing due to externally imposed requirements or mandates.Yet, what if data governance and security practices could upend the prevailing paradigm and demonstrate direct business value?[button link="https://community.ibm.com/community/user/security/events/event-description?CalendarEventKey=8d7fdc61-97bf-43b0-b7d6-018756e436a6&CommunityKey=aa1a6549-4b51-421a-9c67-6dd41e65ef85&Home=%2fcommunity%2fuser%2fsecurity%2fcommunities%2fcommunity-home%2frecent-community-events"…

3 min read

Protecting Against Remote Monitoring and Management Phishing

3 min read - You use remote monitoring and management (RMM) software to closely monitor your cyber environment and keep your organization safe. But now cyber criminals are specifically targeting these tools, causing legitimate software to become a vulnerability. This is the latest type of attack in an increase in a recent trend of disruptive software supply chain attacks. The Cybersecurity and Infrastructure Security Agency (CISA) recently released an alert about the malicious use of legitimate remote monitoring and management (RMM) software. Last fall,…

3 min read

Secure-by-Design: Which Comes First, Code or Security?

4 min read - For years, developers and IT security teams have been at loggerheads. While developers feel security slows progress, security teams assert that developers sacrifice security priorities in their quest to accelerate production. This disconnect results in flawed software that is vulnerable to attack. While advocates for speed and security clash, consumers must often pay the price when threat actors strike. 48% of developers admitted they were still shipping code with vulnerabilities in 2022. It’s clearly time for a change. Many believe…

4 min read

ITG10 Likely Targeting South Korean Entities of Interest to the Democratic People’s Republic of Korea (DPRK)

7 min read - In late April 2023, IBM Security X-Force uncovered documents that are most likely part of a phishing campaign mimicking credible senders, orchestrated by a group X-Force refers to as ITG10, and aimed at delivering RokRAT malware, similar to what has been observed by others. ITG10's tactics, techniques and procedures (TTPs) overlap with APT37 and ScarCruft. The initial delivery method is conducted via a LNK file, which drops two Windows shortcut files containing obfuscated PowerShell scripts in charge of downloading a…

7 min read