Walmart, Amazon and eBay Routers Contain Backdoors

Posted December 8, 2020

CyberNews Sr. Information Security Researcher Mantas Sasnauskas along with researchers James Clee and Roni Carta recently discovered backdoors installed in Walmart’s Jetstream routers sourced from China. These routers are part of Walmart’s “affordable” line of Wi-Fi equipment. The backdoors open up the ability for attackers to control the devices remotely as well as any devices connected to that network. Along with these Walmart routers, low-cost Wavlink routers sold by Amazon and eBay have been discovered to have similar backdoors. The Wavlink routers also contain internal worm functionality to help exploit other nearby networks.

Backdoors in devices such as these are actively being exploited and devices are being used in ransomware and large-scale botnet attacks. One of the largest botnet attacks carried out by Annonymous and New World Hackers, known as the 2016 Dyn cyberattack, took down many high-profile services across North America and Europe including Amazon, Visa, PayPal, Shopify, Twitter, CNN, HBO and many others.

In their 2021 Cybersecurity Predictions, WatchGuard concludes hackers will evolve their malware with similar worm functionality to infest home networks and ultimately infect company-owned devices. The full predictive statement from WatchGuard is below.

The pandemic forced us all to adopt remote work practically overnight, and the era of home-based workforces will continue through 2021 and beyond. As a result, cyber criminals change their approach and create attacks specifically targeting the home worker.

Malicious hackers often include worm functionality modules in their malware, designed to move laterally to other devices on a network. In 2021, cyber criminals will exploit under-protected home networks as an avenue to access valuable corporate endpoint devices. By deliberately seeking out and infecting the company-owned laptops and smart devices on our home networks, attackers could ultimately compromise corporate networks. Next year we expect to see malware that not only spreads across networks but looks for signs that an infected device is for corporate use (such as evidence of VPN usage).

As businesses continue adapting to the new work-from-anywhere reality, securing employees’ home networks is critical to extending the security of the corporate network. Ninety percent of organizations already have employees working at least 1/2 of their week outside the office and 64% of midsize businesses experienced a breach due to a worker who was off-network. As WatchGuard predicts, these trends are likely to continue into 2021 and beyond. Attackers will continue to learn new and creative ways to take advantage of this significant change in how we work. Do you know what devices are powering your employees’ home networks? If not, we can help.

Scott Anderson

Scott Anderson is Partner / CTO of Verus Corp. He works with mid- and large-sized companies to ensure that all of their managed IT service needs are met to their highest standards. Scott knows that giving customers exactly what they need requires flexibility and patience. He works with each department to carry out documentation and the processes of providing managed IT services. Every position that Scott has held has been largely focused on customer service. This expertise and experience means that you’ll be getting a holistic and customer-centered experience from Verus Corp, from installation to troubleshooting. Scott has provided services that have helped Verus Corp be named a Cisco Select Partner and WatchGuard Partner of the Year. Most recently, Verus Corp was named the second best place to work by the Minneapolis/St. Paul Business Journal. Scott has a Bachelor’s in Speech from St. Cloud State University.