Buying a cheap router (opens in new tab) may save you a few bucks in the short term but doing so could leave your home network vulnerable to hackers and your connected devices at risk according to new research from CyberNews (opens in new tab).
The news outlet's senior information security researcher Mantas Sasnauskas and researchers James Clee and Roni Carta discovered suspicious backdoors in a Chinese-made Jetstream router which is sold exclusively in the US through Walmart (opens in new tab) as part of its new line of “affordable” Wi-Fi routers. Hackers could leverage this backdoor to remotely control the router itself as well as any devices connected to a user's network.
When CyberNews reached out to the retailer regarding the backdoor, a company spokesperson responded saying: “Thank you for bringing this to our attention. We are looking into the issue to learn more. The item in question is currently out of stock and we do not have plans to replenish it.”
While this means that other customers won't be able to buy a Jetstream router from Walmart anytime soon, those who already have are still at risk.
- We've assembled a list of the best antivirus (opens in new tab) software around
- Keep your devices virus free with the best malware removal (opens in new tab) software
- Also check out our roundup of the best endpoint protection (opens in new tab) software
In addition to the Walmart-exclusive Jetstream router, the researchers also discovered that low-cost Wavlink routers available on Amazon and eBay have similar backdoors. These routers also contain a script that lists nearby W-Fi networks and has the capability to connect to them.
During their investigation, the researchers also discovered evidence that the backdoors in both Jetstream and Wavlink routers are being actively exploited and that there was an attempt to add these devices to a Mirai botnet (opens in new tab).
In a new report (opens in new tab), security researcher James Clee explained that he began his research by looking into the kind of security low-cost Chinese devices have, saying:
“I was interested in seeing how much effort companies were putting into security. I decided it would be a great hobby to buy cheap Chinese technology off of Amazon and see what I could find out.”
Jetstream may have an exclusivity deal with Walmart but the company's products are also sold under other brand names like Ematic. However, there is very little publicly available information about which Chinese company actually produces its routers. Wavlink on the other hand is a technology company based in Shenzen, China that has 1,000 employees. By digging further though, the researchers found reasons to believe that both Jetstream and Wavlink are subsidiaries of a Shenzhen-based company known as Winstars Technology Ltd.
Your home Wi-Fi router serves as the gateway between your devices and the internet and for this reason, purchasing a cheap router without proper security protection is always highly discouraged.
- We've also highlighted the best ransomware protection (opens in new tab)