ACT Fibernet is India's fastest growing broadband provider and third-largest wired broadband provider, with over two million home connections across the country. But a recent security loophole might have put ACT broadband customers in a great deal of danger.
ACT (Atria Convergence Technologies) has fixed a serious flaw that left its Wi-Fi routers prone to attack by hackers. Bengaluru-based security researcher Karan Saini discovered the flaw in the security settings of ACT's Wi-Fi routers, which come with a default admin password.
ACT customers at risk
The security researcher found that the ACT-provided TP-Link TL-WR850N and Archer C5 AC1200, as well as D-Link routers, do not have the best security against potential hackers. Saini found that these routers had been set up in such a way that anyone could easily gain access to the router's management portal and cause serious trouble.
ACT customers who haven't changed their Wi-Fi router passwords are the primary targets here. Hackers could easily block websites, steal login credentials or even monitor internet traffic on the network by gaining access to the router's portal remotely.
"Getting a foothold into a home Wi-Fi network to infect devices with malware, all via a poorly-secured internet-enabled coffeemaker, might sound somewhat ludicrous, but it's sadly entirely possible," warned Maria Varmazis of cybersecurity provider Sophos, according to HuffPost India.
ACT routers come with a hardcoded password, which is used to log in to the management portal. This is different from your regular Wi-Fi password, which you use to gain access to the internet via home Wi-Fi. If hackers gain access to the ACT management portal, they can even change your Wi-Fi password and lock you out of your own network. At the very least, hackers could use up your data without having to pay for it.
"Once compromised, an attacker will have persistent access to the victim's ACT account. Alternatively, an attacker can configure their existing ACT Fibernet connection to instead use someone else's credentials. This would allow an attacker to perform a DoS [Denial of Service, a common type of online attack], and/or exhaust the FUP [Fair Usage Policy, your data limit] on the victim's connection," Saini added.
What should users do?
Users rarely update the Wi-Fi router password after getting a new broadband connection. In fact, getting hold of the default password for a particular router is as simple as running a quick web search on Google. Several troubleshooting guides list the passwords openly, which makes them easily accessible to anyone, even those without any knowledge of hacking.
After the findings of the research were disclosed to ACT, the broadband provider fixed the flaw and locked access to the routers, which can now be accessed only by the customers. But this is a wake-up call to be vigilant as bad actors are always on the lookout for vulnerabilities.
If you're an ACT customer, it is imperative to update the ACT broadband Wi-Fi router password by logging in to the portal at the router's IP address and saving the changes.