This class of routers are typically connected directly to high-speed broadband Internet connections

Photo Credit : Shutterstock,

Earlier last week, an anonymous researcher disclosed two vulnerabilities, which affect over one million routers. It has been reported that botherders are now leveraging vulnerabilities in Dasan GPON routers and attacks have been already been recorded by Netlabs.

Sean Newman, director at Corero Network Security, said: “If the reports are verified, these Dasan GPON Routers join the escalating category of botnet-vulnerable IoT devices, and they underscore the growing risk of very large botnet-based DDoS attacks. This class of routers are typically connected directly to high-speed broadband Internet connections.

"Once compromised, these devices could be covertly “herded” by a bot master to form a botnet large enough to generate high-impact DDoS attacks against victims around the world.These routers will likely remain vulnerable until patches are available and applied.

"The challenge is that manufacturers often just move on to developing new router models, instead of updating older ones. Additionally, users of the routers may not know how to upgrade them, even if a patch is released, or may not actually be able update them, as the Service Providers which provide them often lock down that part of the user interface.  

"In this case, it would be reliant on the service provider themselves to do it, which would take a herculean effort. In the face of this new attack risk, the best step that organizations can take, is to employ the latest generation of always-on, automatic DDoS protection solutions which can detect and mitigate these DDoS attacks in seconds.”