• Log In
  • Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Home
  • About
  • Structure
  • Gradebook

ITACS 5211: Introduction to Ethical Hacking

Wade Mackey

Thousands of MikroTik Routers Hacked to Eavesdrop On Network Traffic

September 9, 2018 by Connor Fairman 1 Comment

MikroTik routers have a security vulnerability that was revealed after a wikileaks report detailed a CIA hacking tool, known as Chimay Red. What I found immediately interesting was that someone reverse engineered Chimay Red and it is now available for cloning from someone’s github: https://github.com/BigNerd95/Chimay-Red

With Chimay Red, you can add a payload to the router. It also seems like you can use it to overload a thread’s stack, which traditionally contains variables, functions, pointers, etc. that are in local scope. This allows us to write POST date into ANOTHER stack after we overload the current one. How we know what the next stack is, though, is unclear to me because threads are asynchronous, or rather they are used to handle asynchronous tasks.

Back to MikroTik, the key important detail here is that hackers can hijack devices if they take advantage of this vulnerability. Moreover, hackers can reroute traffic from compromised routers to themselves. This allows them to monitor their victims.

https://thehackernews.com/2018/09/mikrotik-router-hacking.html

Filed Under: Week 02: TCP/IP and Network Architecture Tagged With:

Reader Interactions

Comments

  1. Sev Shirozian says

    September 11, 2018 at 12:22 am

    I’m glad that I don’t have a Mikro Tik router at home! I won’t mention what brand I have but I’m sure there’s some kind of vulnerability for the one I have and many other brands out there too. Just need to make sure you’re always updating the firmware on your device to reduce the likelihood of your device being used as another IoT zombie device. Moral of the story, patch and update always!

    Log in to Reply

Leave a Reply Cancel reply

You must be logged in to post a comment.

Primary Sidebar

Weekly Discussions

  • Uncategorized (14)
  • Week 01: Overview (7)
  • Week 02: TCP/IP and Network Architecture (18)
  • Week 03: Reconnaisance (17)
  • Week 04: Vulnerability Scanning (19)
  • Week 05: System and User Enumeration (17)
  • Week 06: Sniffers (17)
  • Week 07: NetCat and HellCat (15)
  • Week 08: Social Engineering, Encoding and Encryption (21)
  • Week 09: Malware (14)
  • Week 10: Web Application Hacking (17)
  • Week 11: SQL Injection (15)
  • Week 12: Web Services (25)
  • Week 13: Evasion Techniques (8)
  • Week 14: Review of all topics (15)

Copyright © 2026 · Magazine Pro Theme on Genesis Framework · WordPress · Log in