A good reason to change your wireless router's default password

This post is important for you if you:
  1. You run some version of Windows (XP, Vista, etc)
  2. You use a wireless router at home
  3. If you followed it's instruction manual to set it up. But you don't remember following any instructions in there that had to do with changing your routers password.
  4. If your friend set it up for you and you are not sure
This article on the Washington Post website reports the arrival of a new kind of Trojan (a what?), named Zlob which exploits the fact that people don't change the default password on their wireless routers. This trojan tries to guess such a routers password and if successful, modifies its network settings (DNS settings to be specific) so that all the future network traffic that you generate will be diverted to first pass through someone else's network before reaching it's original destination. This means that all unencrypted data passing through your connection (Eg. your instant messenger chats, some login name passwords, your bank details and even your email text to name a few examples) can be visible to someone else.

Zlob is one of the first of it's kind of trojan softwares to modifies a wireless router's settings to achieve it's goal. To date, this technique has only been employed by hackers who have to do this manually. Given a routers manufacturer and model number, Its surprisingly easy to find out a router's default password (here's an example found via a simple Google search).

These days it is getting increasingly difficult to avoid being affected by malwares (short for "malicious softwares"). According to the article above Zlob is one of the most downloaded Trojans today. So here are a few precautions
  1. Install a Antivirus Software. It's surprisingly common to see people dont know that they NEED to have a antivirus software installed. There are quite a few free ones available. But if you are happy to buy one, it's worth the money (see: Which Antivirus?)
  2. Install a Firewall Software. A firewall software sits between your computer and network based attacks (see: Which Firewall?)
  3. Make sure your Antivirus/ Firewall software automatically downloads updates to its detection databases. Remember, a few minutes of inconvenience are far better than days of computer problems!
So in case you get infected (and it may be a while before you find out) here's how can interfere with Zlob's tries at routing your traffic
  • Change your router's default password. Instructions on how to do this should be in your routers manual.
  • If you've misplaced them, look through the manufacturer's website for instructions
  • If nothing, google for it (here's an example)
  • And in case you suspect that you're already infected, try asking for help at Bleepingcomputer.com. Not only is it free but they are pretty good at wha they do (kudos guys!).