NSA-inspired paranoia within the hacker community about the pervasiveness of the government’s power to compromise equipment may be bearing real fruit.
A curious computer security professional published findings Saturday that deconstructed the firmware code for some D-Link router devices and discovered a backdoor built directly into the code. By changing the user-agent in a web browser to “xmlset_roodkcableoj28840ybtide,” a user could bypass the security on the device and get online or control the higher functions of the router.
The hackers at devtts0.com say models DIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 use the compromised firmware.
Note the name of the user-agent needed to bypass the router security, spelled backward: edit by 04882 joel backdoor.
D-Link’s international headquarters are located in Taipei, Taiwan, Republic of China.
Raw Story is a progressive news site that focuses on stories often ignored in the mainstream media. While giving coverage to the big stories of the day, we also bring our readers' attention to policy, politics, legal and human rights stories that get ignored in an infotainment culture driven solely by pageviews.
Founded in 2004, Raw Story reaches 9 million unique readers per month and serves more than 30 million pageviews.