Your average home ADSL router can easily be hacked, despite the fact that these devices are usually the gatekeepers to your home network.
This is because ADSL routers are low-cost consumer devices in which there is typically not much security investment, and which are not maintained or updated by the average user, said SensePost CTO Dominic White.
White demonstrated this by running a “drive-by attack” on a router running DD-WRT third-party firmware. Similar attacks are possible against other router software, while several other types of attacks against home ADSL routers can also be executed.
“There was a competition at Defcon last year called SOHOpelessly Broken, focusing on attacks on these things,” said White.
However, a lot of those attacks require physical access to the device, or that the attacker is connected to the same local network as the router.
White demonstrated a type of attack that requires neither physical access nor a connection to the local network: a cross-site request forgery (CSRF).
This attack exploits the fact that users might log into their router to check or change something and then not log out. Some router firmware doesn’t even offer the option to log out.
A hacker might then set up an attack website, or have the HTML needed to execute the attack delivered over an advertising network that may not scrutinise the content of the ads it serves.
In this way, an attacker could change the username and password of routers that don’t have protection against CSRF attacks. If login to the router was previously restricted to the local network, an attacker could also make it accessible from the Internet.
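The sketch below is an added illustration, not code from SensePost, DD-WRT or any router firmware. It shows the server-side checks that stop a forged request even when the browser still holds a logged-in session: an idle timeout, an Origin check and a per-session token. The names `Session`, `allow_change` and `IDLE_TIMEOUT`, and the sample addresses, are assumptions made for the example.

```python
import hashlib
import hmac
import secrets
from urllib.parse import urlsplit

IDLE_TIMEOUT = 300  # seconds; assumed value that ends sessions the user forgot to log out of


class Session:
    def __init__(self, now):
        self.key = secrets.token_bytes(32)  # per-session secret, never sent to the browser
        self.last_seen = now

    def csrf_token(self):
        # Embedded in every admin form; a page on another origin cannot read it.
        return hmac.new(self.key, b"csrf", hashlib.sha256).hexdigest()


def allow_change(session, method, headers, form, now):
    """Return (allowed, reason) for a request to a settings-changing admin URL."""
    if session is None or now - session.last_seen > IDLE_TIMEOUT:
        return False, "session expired"
    if method != "POST":
        return False, "state change must be POST"
    # The page that sent the request must be the router's own admin page.
    source = headers.get("Origin") or headers.get("Referer", "")
    host = headers.get("Host")
    if not host or urlsplit(source).netloc != host:
        return False, "cross-origin request"
    sent = form.get("csrf_token", "").encode()
    if not hmac.compare_digest(sent, session.csrf_token().encode()):
        return False, "bad CSRF token"
    session.last_seen = now
    return True, "ok"


def demo():
    # Constructed sample requests: the session cookie is valid in every case.
    s = Session(now=0)
    own = {"Host": "192.168.1.1", "Origin": "http://192.168.1.1"}
    ad = {"Host": "192.168.1.1", "Origin": "http://ads.example"}
    return [
        allow_change(s, "POST", own, {"csrf_token": s.csrf_token()}, 10),
        allow_change(s, "POST", ad, {"password": "x"}, 20),
        allow_change(s, "POST", own, {"password": "x"}, 30),
        allow_change(s, "POST", own, {"csrf_token": s.csrf_token()}, 400),
    ]
```
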