alt Hacker NewsHow bad is it if someone infects my home router using such a thing? They can MITM non-encrypted requests, but there are not a lot of those, right?
What else can they do, assuming the computers behind the router are all patched up.
Replies
PhilipRoman • today at 8:13 PM
If you blindly TOFU ssh sessions, those can be pwned easily in many common use cases. Legacy software configurations like NFS with IP authentication will be bypassed. Realistically the most likely scenario is using your home as a VPN, or a DDOS node.
➕ show 1 reply
Asmod4n • today at 8:26 PM
they could try and exploit any device on your network, and since they see which servers you connect to and how often you communicate with one they can write phishing mails which are tailored just for you.
nhattruongadm • today at 7:36 PM
[flagged]
They can block traffic to update servers so the computers behind the router aren't all patched up, then exploit them. They also get access to all the IoT devices on the internal network. They can also use your router as a proxy so their scraping/attack traffic comes from your IP address instead of theirs.
It's definitely bad.