Well, assuming that the rootkit/Trojan ONLY monitors your data stream from point A to B and captures login, credit and such data, your local data will be pretty safe.
But if such malware is monitoring your data streams with the aim to download, install and inject code into, for example, your Windows Update stream (as it can capture and modify/inject code into a secure, legit data stream), you can be infected with other malware.
And due to the fact that such malware uses Windows Update, or even your antivirus update data link, it can penetrate your system beyond the reach of your conventional security options.
So I assume that the reply to your question would be: you might be secure and your data might be clean under the right conditions.
But I honestly cannot judge that, as I do not know what particular infection Umbra is talking about, because there are huge numbers of router injectors and tapping malware out there, each one with its own abilities and payload/toolset.
That said, generally if it's just packet-sniffing malware you should be fine.
Lately, routers are getting hacked/infected more and more, even ISPs' update servers.
e.g. http://www.theregister.co.uk/2014/08/13/fifteen_zero_days_found_in_hacker_router_romp/
http://www.tripwire.com/register/soho-wireless-router-insecurity/showMeta/2/
http://www.csoonline.com/article/24...sed-en-masse-researchers-say.html#tk.rss_news
http://it-beta.slashdot.org/story/14/03/04/016231/new-attack-hijacks-dns-traffic-from-300000-routers
The infection I talked about was malware (if my memory is good) that penetrated the routers provided by the ISP to relay data from its customers.
How do you protect your (SOHO) router from these attacks? How do you manage to detect changes in your router? Which "unconventional" security option do you suggest to protect against/detect these threats? Which router would you recommend (not SOHO)?
Do OpenWRT, DDWRT and Tomato firmware offer better protection/updates (if well configured)?