These routers might give hackers a back door into your home network

Jetstream Routers
(Image credit: Jetstream)

Buying a cheap router may save you a few bucks in the short term but doing so could leave your home network vulnerable to hackers and your connected devices at risk according to new research from CyberNews.

The news outlet's senior information security researcher Mantas Sasnauskas and researchers James Clee and Roni Carta discovered suspicious backdoors in a Chinese-made Jetstream router which is sold exclusively in the US through Walmart as part of its new line of “affordable” Wi-Fi routers. Hackers could leverage this backdoor to remotely control the router itself as well as any devices connected to a user's network.

When CyberNews reached out to the retailer regarding the backdoor, a company spokesperson responded saying: “Thank you for bringing this to our attention. We are looking into the issue to learn more. The item in question is currently out of stock and we do not have plans to replenish it.” 

While this means that other customers won't be able to buy a Jetstream router from Walmart anytime soon, those who already have are still at risk.

In addition to the Walmart-exclusive Jetstream router, the researchers also discovered that low-cost Wavlink routers available on Amazon and eBay have similar backdoors. These routers also contain a script that lists nearby W-Fi networks and has the capability to connect to them.

Hidden backdoors

During their investigation, the researchers also discovered evidence that the backdoors in both Jetstream and Wavlink routers are being actively exploited and that there was an attempt to add these devices to a Mirai botnet.

In a new report, security researcher James Clee explained that he began his research by looking into the kind of security low-cost Chinese devices have, saying: 

“I was interested in seeing how much effort companies were putting into security. I decided it would be a great hobby to buy cheap Chinese technology off of Amazon and see what I could find out.” 

Jetstream may have an exclusivity deal with Walmart but the company's products are also sold under other brand names like Ematic. However, there is very little publicly available information about which Chinese company actually produces its routers. Wavlink on the other hand is a technology company based in Shenzen, China that has 1,000 employees. By digging further though, the researchers found reasons to believe that both Jetstream and Wavlink are subsidiaries of a Shenzhen-based company known as Winstars Technology Ltd.

The devices of both router brands feature a simple GUI for their backdoors which is different from interface presented to router admins. To make matters worse, the devices looked at by the researchers have a file that allows for remote access to the router that an attacker could exploit if connected to a user's network. They also found that the credentials needed to access the device are being checked in Javascript which means that an attacker can find a device's password even if a user changes it.

Your home Wi-Fi router serves as the gateway between your devices and the internet and for this reason, purchasing a cheap router without proper security protection is always highly discouraged.

Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.