Millions of connected objects and routers at the mercy of hackers 1

Millions of connected objects and routers at the mercy of hackers

Posted by By Moyens Staff 12 months Ago 2 Min Read

connected objects defect

IT security experts at Nozomi Networks Labs have discovered a serious vulnerability. All versions of uClibc and uClibc-ng. These are two widely used libraries of the C programming language. They are popular among developers who develop Linux-based embedded systems.

As highlighted in the report published by Nozomi Networks Labs on Monday, May 2, 2022, the cause of the defect was: DNS queries Created by the library. According to researchers, query IDs are highly predictable. As a reminder, DNS is a service that allows you to translate an IP address (made up of digital symbols) into a domain name (made up of letters). Each IP address is associated with a domain name.

Also read: Serious security breach puts millions of apps at risk

Connected objects flaw allows your data to be stolen

Libraries are used extensively by NetgearAxis, Linksys and other major connected object providers and routers dedicated to home automation. Since the flaw has not been fixed yet, all devices of these brands are at the mercy of experienced hackers. Devices from more than 200 different vendors were affected. That’s why millions of terminals around the world are at risk.

Hackers can take advantage of this breach to distribute “DNS poisoning attacks against the target device”. Concretely, an attacker can deceive “by making a DNS client accept a false response” this will allow it to handle communications on the network from another device.

Finally pirate “can redirect network communications to a server under its control”. gets it later control of changed information by the user on the network. According to Viakoo, another firm specializing in security, hackers “we are increasingly focusing on propagating vulnerabilities through open source software libraries and exploiting them through IoT devices.”.

“This vulnerability remains unresolved but we are working with the library manager and the wider community to support the search for a solution.”reassures Nozomi Networks Labs, which refuses to provide further information about the flaw until a fix is ​​found.

See also:  How to Maximise Savings During Sales Events Like Amazon Prime Day or Black Friday
Tags:
Moyens Staff
View More Posts
Moyens I/O Staff is a team of expert writers passionate about technology, innovation, and digital trends. With strong expertise in AI, mobile apps, gaming, and digital culture, we produce accurate, verified, and valuable content. Our mission: to provide reliable and clear information to help you navigate the ever-evolving digital world. Discover what our readers say on Trustpilot.