| A new malware called Misfortune Cookie targets office and home routers by exploiting a vulnerability in them . this will expose the device to the malware and leave it at its risk.What kind of risk does such an infection pose to the users attached to these systems? Is there a known solution to this? |
Hello,
The misfortune cookie is a vulnerability in routers from many popular manufacturers (e.g., Huawei, D-Link, ZTE). It allows any machine on a network (i.e., various devices) to be seized and for sensitive information to be accessed. The best current solution is to contact the manufacturer of the router for an upgrade that will address this problem.
“Misfortune Cookie” is a vulnerability in the firmware for some routers. Once the embedded software or firmware running the router is exploited, the attacker can access a CLI or Command Line Interface. The router can then be used to collect data, steal credentials, or upload malicious files to the computers connected to the router and compromise the network.
When this flaw or vulnerability was discovered in late 2014, it’s already been there for a decade. The origin of the problem is an error in the HTTP cookie-management mechanism in the firmware of the device. The only thing the attacker has to do is to send a single packet containing a malicious HTTP cookie to initiate an exploit.
It was Lior Oppenheim, Check Point Software Technologies Limited’s researcher for network and endpoint security, who discovered the flaw which was officially known as “CVE-2014-9222.” The flaw affects more than 12 million devices in 200 different models, according to Check Point. Any model that hasn’t been patched yet that uses the RomPager embedded web server software earlier than version 4.34 may be vulnerable.
Though there haven’t been any documented attacks regarding the Misfortune Cookie router flaw, Check Point is exposing the flaw as a wake-up call for SOHO or Small Office and Home networks as well as the embedded device industry.
