Category Archives: Uncategorized

Avoiding CSRF attack on old routers

“Modem hack used to infect millions with banking fraud malware.” – Ars Technica, 2012

My old Netgear has at least one security hole. There’s no fix for it, possibly because it’s so old.

Like the attack reported in Ars Technica, the security hole involves CSRF. In simple terms, asking the local administrator to click on a web link, perhaps in an email.[*] Can you prevent an old router being hijacked by CSRF?

Continue reading Avoiding CSRF attack on old routers