September 29, 2017 |

Newfound router flaw lets hackers control home internet connections

The flaw would give attacker complete control over a home’s internet traffic – another example of widespread problems with weak router security. Berkshire, UK – 2nd September 2016: F-Secure researchers have uncovered a critical vulnerability in some models of Inteno home routers that, if exploited, is severe enough to allow an attacker complete control over […]

The flaw would give attacker complete control over a home’s internet traffic – another example of widespread problems with weak router security.

Berkshire, UK – 2nd September 2016: F-Secure researchers have uncovered a critical vulnerability in some models of Inteno home routers that, if exploited, is severe enough to allow an attacker complete control over the victim device and the internet traffic travelling through it. The finding highlights the security challenges plaguing consumer routers.


The vulnerability allows an attacker to install their own firmware to the device, which would still work as before, but with back doors and other unwanted features. An attacker exploiting the flaw would be able to listen in on unencrypted traffic going through the router, not just device-to-internet, but device-to-device inside the home; as well as manipulate the victim’s browsing sessions by redirecting to malicious sites.


“By changing the firmware, the attacker can change any and all rules of the router,” says Janne Kauhanen, cyber security expert at F-Secure. “Watching video content you’re storing on another computer? So is the attacker. Updating another device through the router? Hopefully it’s not vulnerable like this, or they’ll own that too. Of course, HTTPS traffic is encrypted, so the attacker won’t see that as easily. But they can still redirect all your traffic to malicious sites that enable them to drop malware on your machine.”


The router type in question typically receives firmware updates from a server associated with the user’s internet service provider (ISP). But problematically, the vulnerable routers make no effort to confirm the update is valid and comes from the right place. An attacker who has already gained access to the traffic between the home router and the ISP’s update server (for example, by accessing an apartment building’s network distribution trunk) can set up his own update server. He could then apply a malicious firmware update.


Researchers say this case is just the tip of the iceberg when it comes to router security issues. And while the need for computer security is well understood, consumers are often unaware that a router is just as vulnerable.


“It’s ridiculous how insecure the devices we’re sold are,” says Kauhanen. “We and other security companies are finding vulnerabilities in these devices all the time. The firmware used in routers and Internet of Things devices is neglected by manufacturers and their customers – by everyone except hackers, who use the vulnerabilities to hijack internet traffic, steal information and spread malware.”


The flaw, while severe, is not immediately exploitable. An attacker would need to have already achieved a privileged network position between the router and the point of entry of the internet. Affected devices are Inteno EG500, FG101, DG201, and possibly others.


According to Harry Sintonen, F-Secure’s senior security consultant who found the vulnerability, there is no way for a consumer to prevent their router getting exploited, short of replacing it with a new router without this particular vulnerability, or by installing the firmware that fixes the issue once it is available.


However, he points out that replacing the router is problematic advice. “As vulnerabilities in consumer DSL equipment are extremely common, it could well be that the device switch only leads to an even worse security situation,” he says.


By following the usual security best practices, however, consumers can mitigate damages should their router become a victim of attack:


  • Keep browsers and other software updated to prevent hackers exploiting security flaws in old software.
  • Use reliable internet security software such as F-Secure SAFE that stays constantly updated, to prevent a hacker from dropping malware.
  • Use a VPN such as F-Secure Freedome to encrypt internet traffic – even if the router was hacked, encryption would prevent an attacker from spying.


The vendor and authorities have been made aware of this vulnerability well before this public disclosure.



About F-Secure

Nobody knows cyber security like F-Secure. For three decades, F-Secure has driven innovations in cyber security, defending tens of thousands of companies and millions of people. With unsurpassed experience in endpoint protection as well as detection and response, F-Secure shields enterprises and consumers against everything from advanced cyber attacks and data breaches to widespread ransomware infections. F-Secure’s sophisticated technology combines the power of machine learning with the human expertise of its world-renowned security labs for a singular approach called Live Security. F-Secure’s security experts have participated in more European cyber crime scene investigations than any other company in the market, and its products are sold all over the world by over 200 broadband and mobile operators and thousands of resellers.


Founded in 1988, F-Secure is listed on the NASDAQ OMX Helsinki Ltd. |


F-Secure media relations 

Geoff Dorrington

PR manager, F-Secure UK & Ireland


T: 01753 376592



Latest Events
Press Archives
Select Year

Latest Press Releases

March 15, 2018

F-Secure’s Aviation Cyber Security Services Takes Off

F-Secure’s new service combines expertise in aviation and cyber security to help aviation companies protect their most critical assets. Buckinghamshire, UK – March 15, 2018: Trust is everything in the aviation industry. And a successful cyber attack – even a minor one against something like an in-flight entertainment system – could undermine confidence in airlines […]

February 28, 2018

F-Secure Introduces Unique Partner-Driven Service to Stop Targeted Cyber Attacks Globally

Channel partners have immense new service opportunities to protect their customers from rising numbers of targeted and fileless attacks with a leading-edge managed endpoint detection and response service. Buckinghamshire, UK – February 28, 2018: Businesses globally are being compromised by an onslaught of targeted and fileless cyber attacks, and industry-leading cyber security vendor F-Secure is […]

February 22, 2018

Incident Detection, Email Attacks Continue to Cause Headaches for Companies

F-Secure’s new Incident Response Report points to email inboxes as the weakest link in security perimeters, and finds that companies struggle with quickly and accurately detecting security incidents. Buckinghamshire, UK – February 22, 2018: Over one-third of all security incidents start with phishing emails or malicious attachments sent to company employees, according to a new […]

February 14, 2018

F-Secure appoints Beta Distribution as a UK distributor of security solutions for corporate resellers

Buckinghamshire, UK – 14th February 2018: Global cyber security company F-Secure today announces the appointment of Beta Distribution as a UK distributor for corporate resellers. Beta Distribution, Headquartered in London and with offices throughout the UK, is a specialist product, services and solutions IT distributor which serves over 3,000 resellers across the UK, including over […]

%d bloggers like this: