Recent data published by Comparitech finds that one out of every 16 home Wi-Fi routers are vulnerable to some form of password attack. In particular, it was noted that hackers can easily target devices that still use the manufacturer’s default password setting, potentially paving the way for spying, hijacking, injecting malware or other actions.
Researchers noted that 6.4 percent of routers sold on Amazon – amounting to “tens of thousands” of units – tend to use the default admin settings that can be remotely accessed using publicly available passwords.
Comparitech researchers used “freely available tools” to scan the internet for the top 12 home Wi-Fi router models sold on the marketplace, in all testing 9,927 routers to discover that 635 were vulnerable to a default password attack.
Top at-risk router manufacturers – indicating that they do not require a password change prior to activation – included NetGear (18, Xfinity, ZTE and Netis. On these vendors’ tested systems, between 13 and 18 percent of login attempts were successful.
Meanwhile, AsusRT and MikroTik models yielded no access whatsoever despite “hundreds” of attempts.
Research was conducted in June 2021.