Cyber-security experts are worried after a group of hackers used home routers in phishing attacks. Nearly two thirds of users have wifi routers in their household, but one in six do nothing to protect them.

The attackers were hacking poorly protected routers and changing their settings. Once that was done, they could redirect users to a fake web page that displayed a message, purportedly from the World Health Organisation, telling users to download an application that offers information about Covid-19. The application would then work as an info stealer and upload the stolen data to hackers’ servers.

“This attack affected almost 1200 users who didn’t protect their home internet enough,” said Daniel Markuson, a cyber-security expert with NordVPN. “According to our research, many users do nothing to protect their smart devices, so the situation might repeat itself in the future if users’ habits don’t change.”

The most common danger of a wifi router being hacked is to have unwanted users. While this does not necessarily put users’ privacy in danger, it could be annoying for many people and reduce the connection speed when somebody unwanted uses the network. It becomes even more worrying if the unwanted users decide to do something illegal, such as shopping on the dark web or streaming pirated content.

However, a wifi router usually provides internet connection to all the smart devices in a household, including phones, laptops, smart TVs and speakers. So, if a router gets hacked, it gives access to all the traffic on the user’s network from any device connected to it, and an attacker can see everything you are doing online from shopping to entering your bank credentials.

In a man-in-the-middle attack, a cyber criminal places their device between a victim’s device and the wifi router. This allows hackers to control the user’s traffic secretly, potentially redirecting him or her to a malicious site that fools users into entering their credentials or banking details.

To redirect a user, attackers can perform DNS hijacking. It is a type of cyber attack where the router settings are changed to redirect users to web sites that trick them into giving away personal information or malicious web sites that download malware onto their device.

“When it comes to hacking computers or phones, the dangers seem to be clear to most of the users,” said Markuson. “However, wifi routers don’t store any information, so users pay little attention to protecting them. And that is why they become targets for hackers more and more often.”

The least someone can do to protect their home router is change their default router password. After that, they can turn off SSID (wifi network name) broadcasts. If they hide their SSID, the name of the home wifi won’t appear in the list when someone tries to connect. Instead, they’ll have to connect manually by typing in the home wifi name and password. This way, a potential intruder will have to know the exact name of the home wifi as well as the password.

A VPN can encrypt the traffic on every device connected to a home wifi. It scrambles all the online data, rendering it complete gibberish to hackers trying to intercept the network.