Home » News » Virgin Super Hub routers got hacked: Are you still at risk?

Virgin Super Hub routers got hacked: Are you still at risk?

Virgin Super Hub routers got hacked: Are you still at risk?

Tuesday, 4 July, 2017

Virgin Media says it has resolved a security flaw in its Super Hub routers, which made millions of households a ‘prime target’ for hackers.

Back in May 2017 Virgin came under fire for turning every single one of its Super Hub routers into public Wi-Fi hotspots.

100,000 customers were opted in automatically – a process which drew critics from both home users and businesses.

Virgin has turned your router into a public WiFi hotspot - but is it safe?

So it was no surprise when white-hat hackers found vulnerabilities on the Netgear Super Hub 2 and Super Hub 2AC, which would have given hackers unauthorised control of dynamic DNS settings, and the ability to monitor data traffic moving through the router.

Jan Mitchell and Andy Monaghan, security researchers from Context Information Security, exposed the flaw, and worked with Virgin Media to counter the threat.

“After verifying our findings, Virgin Media worked with us to develop mitigations which were released as part of their existing firmware patching cycle,” they said.

Virgin Media said they often work with third parties to deal with security issues and co-operated with both Context and Super Hub manufacturer, Netgear, to address the issue.

The telecoms giant has now released a firmware patch to resolve the flaw.

Virgin has turned your router into a public WiFi hotspot - but is it safe? 2

Is your password ‘password’?

This update took place automatically to ensure that no other customers could be at further risk.

“We take the security of our customers very seriously,” a spokesperson for Virgin Media said.

The security encryption key was the same across all hubs in the UK, and although users are prompted to change the default password, it is not a requirement for using the router.

Furthermore, it may not be immediately clear how to change the password for customers who lack the requisite knowledge or insight.

Potential attackers would therefore only need to know this default password to gain access to Super Hubs around the country.

Millions of routers ‘dreadful’ for security

A blog by Context’s Research team described the security of many ‘off-the-shelf’ home routers as “almost universally dreadful”, but said it was uncommon for vulnerabilities in flagship routers from larger ISPs such as BT, Sky and Virgin Media to make the news.

The Super Hub is one of the most common routers in the UK, and can be found in millions of households across the country. It is supplied to customers of Virgin Media’s broadband services.

Large scale cyber attacks are becoming increasingly common. An attack exploiting a similar flaw in Wi-Fi connected devices occurred in December 2016, and in May 2017, NHS computer services were held to ransom following the Wannacry attack which caused huge disruption to hospital services.

Aran Burton author picture

By:

Aran is a technology journalist with an interest in consumer issues.

News What's the story?

Keep up with the latest developments in UK broadband.

The biggest malware threats of 2020…so far

It’s been a year few of us will forget in a hurry. As the end of June approaches, we review the biggest malware threats of 2020 so far

The biggest malware threats of 2020…so farThe biggest malware threats of 2020…so far Read more

Instagram could become the main news source for young people.

Reuters finds changes in the way younger users consume the news.

Read more

BT launches second line service

BT launches second broadband home line service for the new crop of home workers.

Read more

Best broadband areas for online gaming in the UK.

Read more

Help Learn with us

Make the most of the internet with our broadband library.

How to check if your broadband is down

It might seem obvious that an outage has occurred, but there are easy ways to check if your broadband is down, or whether the problem is more localised

How to check if your broadband is downHow to check if your broadband is down Read more

A guide to Big Tech alternatives.

It seems like we’re reliant on a small group of companies, are there alternatives?

Read more

Quick tips for boosting home broadband speed

Boosting speed can transform activities like streaming, gaming and accessing cloud storage

Read more

What’s the difference between hardware, firmware and software?

Read more