
BT Home Hub hacked open by crafty crackers?

If you’ve got one of BT’s little white wireless boxes sitting in your lounge, then hackers could be gorging themselves on your network right now. You should probably totally go and check. Like right now. Don’t worry, I’ll wait.

According to security bods, the software needed to break in is apparently easily available on the internet and can crack the hub open in as little as five seconds. BT is disputing how severe the problem is and claimed hackers would have to “win the computer cracking equivalent of the National Lottery” to succeed. BT didn’t clarify whether participants also needed to wear a tracksuit and gold chains to take part in this cyber sweepstake.

If you already know the difference between your WEP and your WPA, then you’re probably already safe; otherwise head on over to www.bt.com/help/hub or start wrapping your router in tin foil.

Out now | £free
Telegraph via (Pocket Lint)

  • mgleach

    Quote:

    “BT is disputing how severe the problem is and claimed hackers would have to “win the computer cracking equivalent of the National Lottery” to succeed”

    Note:

    I find this comment by BT quite amusing. The insecurities of the BT HomeHub are endless, and to say the chances of finding a valid WPA key are ‘equivalent to winning the lottery’ is BT simply lying to their customers to make them feel safe.

    A security enthusiast hosted a presentation at a University demonstrating the weaknesses of the BT HomeHub router / access point.

    A PHP script accepts the SSID (network broadcast name, i.e. BTHomeHub-E270, which is automatically generated during the production process) and generates, using an algorithm, 60 possible WPA keys that could work with the aforementioned SSID.

    A Linux Bash script then loops through all 60 possible WPA keys and attempts to connect to the HomeHub, until one of the keys matches.

    Once a match has been found, the WPA key is saved for future reference and the attacker is able to become a member of the Local Area Network behind the HomeHub.

    The possibilities for compromise from this point on are, to say the least, of concern.

    Wireless ‘Packet Sniffing’ applications (widely, and freely, available) can then allow an attacker to view virtually all traffic passing over the network.

    Viewing live MSN conversations, monitoring computers’ internet usage, i.e. websites visited, passwords entered as logins, emails as they are being read. Even more worrying is the ability to intercept apparently secure SSL (Secure Socket Layer) connections to online banking websites and shopping websites, and obtain credit card information and bank details.

    BT have released, at the time of speaking, a firmware update that changes the default password of the HomeHub to the serial number of the HomeHub, in an attempt to make the device more secure.

    However, recent updates from the same security expert that spotted the WPA key vulnerability in the HomeHub has discovered that a simple script which sends a request to the HomeHub causes the HomeHub to respond with plain text which contains the serial number, which can then be used as the password.

    When you consider that the BT HomeHub is quite possibly the most widespread routing device in the UK, this issue is far from a ‘scrape under the carpet’ security flaw that BT seriously need to address.

  • http://google.co.uk iHack Homehub xD

    hiya, yes all of that is correct. i own a home hub still from when i was with bt, now with cable! :D
    anyway i use the home hub as a dummy victim router, to test my ‘hacking’ skills lol. as i am quite a newbie to hacking, i’m quite shocked on how easy i have found it to crack the WEP/WPA(2) key, and the serial number. takes me no longer than 10-15 mins to crack! :s worrying!!!! for any BT user i think should cancel their contract lol.

  • Toxic_Duck

    This is all very true, cracking WEP is easy, cracking WPA really isn’t even that hard. You just need lots of password lists for WPA, WEP just spits out the password on its own.

    So for them to say it’s like an attacker winning the lottery is laughable.

  • Toxic_Duck

    If the lottery was that easy to hack I would be rich!

  • Toxic_Duck

    BTBuisness Hub-168
    WEP Key: 7471252233

    BTFusion-4168
    WPA Key: 1051483197

    My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, Yay I am a Hacker and this is our Manifesto!

  • Toxic_Duck

    BT’s slogan is bringing it all together…

    Yet the only thing British Telecom have done, is bring all the hackers together out of the cold.

    I for one could care less about some idiot’s credit card rating or his e-Mails to Afghanistan.

    Cracking WEP takes approx 60 minutes, cracking WPA takes a little longer, you won’t see much, just sites they visit like Boots or Mothercare, everything else is encrypted with SHA1 so it’s all double dutch. I did however run across one poor chap who had lost his entire crypto API library and everything he was sending was being sent as plain text, which included his Credit Card, but unlike people who would jump on e-Bay to buy themselves a three piece suite at his expense, I did the right thing and e-mailed him to tell him to ditch that pirate copy of Windows 98 and upgrade to something with a bit more punch.

    He never sent a reply. (Wonder why?)

    BT need to stop being profiteering gluttons charging people who go by the Minute to use their internet Broadband and need to give it to people uncapped so they don’t have to foot the bill for someone else’s intrusion into their network.

    People think all this wire free technology is great, well I have news for them, so do the hackers… Free internet on the Move is always a plus.

    Only unlike the days where you had to steal it with someone else’s account details and sign in passwords, these days you just need their WiFi Keys.

    And when you’re facing an attacker who can be miles away, mobile and armed with a 7″ netbook, no matter how they attempt to secure it, some people are simply beyond the simplistic security measures required to simply lock them out!

    The ones that have me looking at them howling with laughter are law firms and banks that have embraced this new wire free trend, as in my humble opinion they really are pushing their luck…

  • LMFAO @ TOXIC DUCK

    toxic duck you are pathetic!!!! you come out with all this bull to make yourself look like some hacker, you’re a noob.

    “Cracking WEP takes approx 60 minutes”

    don’t sit there trying to make yourself look good when a noob could crack wep in 5 mins
    ow…. and keep reading Mentor’s manifesto…. keep reading…. over and over…. it will make you feel like a real hacker

  • Adam

    Using a long list of passwords or pass keys is not hacking, that’s just brute force. Hacking wifi is by capturing lots of packets until all the weak packets give out the key. If you want to secure your wifi, go back to wired connection, because simply using MAC filtering all your nodes to your router or AP will still be left open to those who clone your MAC address of your wifi card.

  • sudo

    Intrigued by all this we ‘attacked’ our own router with an elderly Pentium III and certain software found online.. took 19 minutes.. not bad for a first attempt.
