A severe security issue in six million Sky routers

According to a security firm, about six million Sky routers had a severe software issue that might have allowed hackers to take control of residential networks.

The issue has been resolved, but researchers said it took Sky 18 months to resolve.

Anyone who has not changed the router’s default admin password could have been affected. According to Sky, a large-scale update takes time.

“We take our clients’ safety and security very seriously. We began working on a solution for the problem after being alerted to the risk, and we can certify that a fix has been delivered to all Sky-manufactured goods.

The latter two devices, on the other hand, came with a randomly generated admin password, making it more difficult for a hacker to attack. Furthermore, Sky only produces around 1% of the routers it sells.

Customers who already have one can request a free replacement.

A software bug discovered by Pen Test Partners researcher Raf Fini would have allowed a hacker to modify a home router merely by sending the user to a malicious website via phishing email. According to Ken Munro of Pen Test Partner, “they might then take over someone’s online life,” obtaining credentials for banking and other websites.

Although there was no proof that the weakness had been exploited, he found the time it took to patch it perplexing.

Mr Munro noted that everyone with a router should change the default passwords.

An insecure Vodafone router with a default password was discovered earlier this year by BBC News, which might have allowed a stranger to take over a couple’s wifi and use it to upload unlawful photographs of child abuse to the internet.

The pair were the subjects of a police inquiry that wreaked havoc on their lives and led to mental health issues.

In May, consumer watchdog Which? Warned that millions of routers in the UK had missed several years of critical security updates, leaving them vulnerable to hackers.