CybserSecurity News

Tag: Netgear

  • TP-Link Sues Netgear for $1B Over ‘False’ Chinese Hacking Allegations

    The California-based company TP-Link has declared that it may lose more than a billion dollars as a result of false allegations claiming its networking equipment is used by Beijing for cyberattacks. In a lawsuit filed in federal court in Delaware, the router manufacturer asserts that competitor Netgear orchestrated a campaign aimed at undermining its reputation and frightening customers.

    According to TP-Link, Netgear supplied journalists, bloggers, and podcasters with unfounded claims that the company’s products were supposedly controlled by Chinese authorities. The lawsuit states that such actions violate the terms of a 2024 agreement that resolved a prior patent dispute between the two firms. At that time, TP-Link agreed to pay Netgear 135 million dollars, and the settlement included a clause prohibiting either party from disparaging the other. TP-Link now argues that Netgear breached this obligation by using public appearances and earnings calls to disseminate “false and misleading assertions.”

    Netgear has yet to comment on the case. The situation is further complicated by the growing scrutiny of network-equipment security in the United States. Lawmakers from both parties have expressed concern that TP-Link routers could be exploited by hackers in China. In October, Bloomberg reported that the Trump administration was considering formally designating the company a national-security threat — an investigation into its ties with China began last year. Altogether, these developments could bring the company closer to partial or even full restrictions on its U.S. operations.

    TP-Link, however, emphasizes that it now operates as an American manufacturer, claiming to spend substantial sums each year to secure its products against cyberthreats. Even so, the brand’s origins continue to play a role. TP-Link was founded nearly 30 years ago in China and last year completed a corporate split into two entities: an American arm based in Irvine and a Chinese division located in Shenzhen. The U.S. subsidiary plans to invest aggressively in domestic manufacturing and research, though it still maintains a significant presence in its home country.

    Before the split, TP-Link held the leading global position in consumer Wi-Fi device shipments, according to IDC. Its routers are widely available on Amazon and at Best Buy and are used in countless homes and small businesses across the country. The company is now asking the court to prohibit Netgear from further damaging its reputation and to award compensation for the harm incurred.

  • Outdated Netgear Router & Bitdefender Box V1 Exploited for Full Remote Control

    At the inaugural DistrictCon Junkyard competition, analysts from Trail of Bits vividly demonstrated the grave risks posed by outdated networking devices left without updates. During the event, they remotely compromised two discontinued products—the Netgear WGR614v9 router and the Bitdefender Box V1—earning recognition for one of the most unconventional attack scenarios. Although initial access to these systems was limited to the local network, both exploits ultimately achieved full control, reflecting realistic threats in domestic and office environments. Detailed accounts of the vulnerabilities, analysis stages, and demonstrations have been published in Trail of Bits’ official GitHub repository.

    The Netgear analysis began with a hardware teardown: researchers located debugging interfaces and memory chips, then downloaded the device’s firmware from the manufacturer’s website. Using tools like binwalk and unblob, they recursively unpacked the firmware image, performed a port scan, and gained access to the UART console—allowing them to inspect the running kernel, active processes, and services. Particular attention was given to the UPnP daemon (upnpd), responsible for Universal Plug-and-Play support.

    Through the UPnP implementation, three successful attacks were executed by chaining vulnerabilities: an authentication bypass in the SOAP handler, buffer overflows in the BSS and stack segments, and command injection. One of the most inventive techniques, dubbed bashsledding, involved injecting ROP gadgets that called system(), with the payload written to non-volatile memory (NVRAM) via a domain locking mechanism. To circumvent reliance on precise code offsets, the payloads used extended sequences of whitespace, interpreted by the Bash shell until the intended command was discovered.

    Another attack variant, called bigfish_littlepond, exploited a BSS segment overflow to alter a string pointer passed to the shell. Researchers discovered that upnpd spawned a helper process named bpa_monitor. By substituting the invoked command name and injecting a payload via a separate SOAP request, they achieved arbitrary code execution.

    The Bitdefender Box V1, despite operating on a different architecture and security model, proved similarly vulnerable. Designed to secure home networks and analyze traffic, the device contained a flaw in its update mechanism: firmware could be downgraded without authentication. This was compounded by a checksum verification vulnerability, enabling arbitrary command execution.

    The analysis began with a hardware dump of the Winbond W25Q128FV SPI memory chip. Since official update servers were no longer accessible, researchers turned to archived APKs of the mobile companion app and, using VirusTotal, identified version 1.3.12.869, which included firmware 1.3.11.490 signed with a valid key.

    A comparative analysis revealed that the md5 parameter in HTTP requests to /check_image_and_trigger_recovery lacked proper character sanitization. This allowed injection of a command that added the researchers’ SSH key to authorized_keys, granting persistent remote access.

    The attack chain involved the following steps: calling the /update_auth_token endpoint (to reset configuration and lift update restrictions), uploading a firmware archive via /upload_backup_firmware, verifying its structure through /decode_image, and finally injecting a command at the /check_image_and_trigger_recovery stage.

    Although the device featured RSA-based signature verification, it lacked a version check mechanism—allowing any signed, albeit outdated, firmware image to pass scrutiny and execute unsafe code.

    Both incidents—Netgear and Bitdefender—highlight deep-rooted vulnerabilities in the Internet of Things ecosystem. UPnP SOAP interfaces are often left unsanitized, and their services commonly run with excessive privileges. The combination of insecure UPnP implementations and rollback-prone update mechanisms renders many devices highly susceptible to compromise.

    Junkyard’s organizers emphasize that the aim of such competitions extends beyond showcasing technical prowess—it is to spotlight the critical issue of abandoned hardware. Unlike elite contests like Pwn2Own, Junkyard focuses on accessibility: it welcomes inexpensive, unsupported devices. Participants are encouraged to evaluate firmware availability, locate debugging interfaces, analyze FCC certifications, and scour legacy images or apps for useful data.

    The takeaway is clear: the end of official support does not equate to the end of threats. Any obsolete router or filtering appliance, once touted as a safeguard, can swiftly become a weak link. Hence, when selecting new hardware, one must consider not only its features but also the duration of security support the manufacturer is prepared to guarantee.

  • Massive Cyber Attack on Netgear and Hyundai MEA: A Scheme to Steal Crypto Wallets

    Unknown cybercriminals hacked the official Netgear and Hyundai MEA accounts on X, which boast over 160,000 followers. The objective of the attack was to disseminate fraudulent schemes aimed at infecting victims with malware designed to steal cryptocurrency wallets.

    Hyundai has successfully regained control of its account and purged its feed of all links leading to malicious sites. However, Netgear has yet to regain access to its account, and some of the malefactors’ tweets are still accessible on X.

    The attackers renamed the Hyundai MEA (Middle East & Africa) account to impersonate the account of the NFT game Overworld – a cross-platform multiplayer RPG supported by Binance Labs, the venture fund, and incubator of the cryptocurrency exchange Binance.

    Overworld, often targeted by similar fraudulent schemes, consistently warns its followers on X to be vigilant and avoid interactions with scammers impersonating the Overworld account.

    The Netgear account has been compromised since at least January 6th and was used exclusively to promote the malicious BRC App site, luring subscribers with promises of $100,000 to the first 1,000 registered users. However, anyone who connected their wallet to the site risked losing their assets and NFTs due to the malefactors’ actions.

    Representatives of Netgear and Hyundai have not provided comments on the situation.

    Recently, the account of the American cybersecurity company Mandiant (a subsidiary of Google) was hacked for conducting cryptocurrency fraud. The malefactor renamed the account and disseminated false information about a free cryptocurrency giveaway on behalf of the Phantom crypto wallet.

  • Netgear releases Orbi 970 series Wi-Fi 7 Mesh system

    Netgear has unveiled its Orbi 970 series Wi-Fi 7 Mesh system, available in two elegant iterations: the pristine white model (RBKE973S) and the sophisticated black version (RBKE963SB). This avant-garde system comprises a Wi-Fi 6E router (central unit) paired with two satellite access nodes (ancillary units). Embracing the cutting-edge Wi-Fi 7 wireless standard, the system boasts four frequency bands, is adorned with 12 antennas, and achieves a scorching transmission rate of 27 Gbps. Its design ensures an expansive 360° wireless network coverage, seamlessly accommodating up to 200 concurrent devices.

    The Orbi 970 series is artfully crafted upon the Qualcomm Wi-Fi 7 Networking Pro platform. It’s powered by a 2.2GHz quad-core processor, complemented by 2GB of RAM and 4GB of flash storage. The system supports quintessential Wi-Fi 7 features, including a 320MHz channel, offering Wi-Fi connections across 2.4GHz, 5GHz, and 6GHz bands. Employing the MLO technology, it synergistically fuses dedicated 5GHz and 6GHz bands, realizing a wireless backhaul speed of 10 Gbps between the primary router and satellite nodes.

    The main router of the Orbi 970 series is graced with a 10 Gbps WAN port, marking the pinnacle of speed among contemporary counterparts. Additionally, it features a 10 Gbps LAN port and four 2.5 Gbps LAN ports. Each satellite node is equipped with a 10 Gbps LAN port and a duo of 2.5 Gbps LAN ports. Netgear asserts that this intricate network ensemble can bestow lightning-fast connections for residences spanning an area of 10,000 square feet (approximately 929 square meters).

    In terms of investment, the triad set (comprising one central and two ancillary units) carries a price tag of $2,299.99, while the duo set (one central and one ancillary unit) is priced at $1,699.99. Singular satellite nodes can be acquired for $899.99.

  • NETGEAR has unveiled its first WiFi 7 router – Nighthawk RS700

    Although the performance of mainstream WiFi 6 is commendable, faster wireless speeds are always preferable, particularly when faced with tasks such as wireless VR streaming and 8K video streaming. Citing information from Businesswire and Liliputing, NETGEAR recently introduced their first WiFi 7 router, the Nighthawk RS700.

    The Nighthawk RS700 is a tri-band router employing Broadcom’s BCM6726/3 solution, offering bandwidth up to 19 Gbps and support for mesh networks. In terms of connectivity, it features a 10-gigabit WAN port, a 10-gigabit LAN port, four gigabit LAN ports, and a USB 3.0 port. Naturally, it is backward compatible, ensuring seamless operation with existing WiFi 4, 5, and 6 devices, albeit without access to the new standard’s features.

    Presently, the router is available for pre-order at a price of $700, with NETGEAR expecting to deliver the product to customers in the second quarter of this year. While the price may seem steep for a single router, considering its superior performance and NETGEAR’s reputation, it is well-suited for users seeking higher speeds or planning for the future. After all, there are currently few devices supporting WiFi 7, with high-end laptops typically equipped with Intel’s AX1690i WiFi 6E card, let alone smartphones, tablets, or highly-integrated gaming consoles.

    It is worth noting that, in addition to NETGEAR RS700, users can opt for TP-Link’s BE24000, another WiFi 7 router with a similarly hefty price tag. For those desiring a more affordable WiFi 7 router, they may need to exercise patience and wait a bit longer.

  • Netgear Releases Nighthawk AXE3000 WiFi 6E USB 3.0 Adapter

    Although devices that support Wi-Fi 6E have not penetrated into everyday devices like Wi-Fi 6, manufacturers are also gradually increasing the model and number of Wi-Fi 6E devices. Today, Netgear released the Nighthawk AXE3000 WiFi 6E USB 3.0 Adapter (A8000), allowing users to add Wi-Fi 6E support to their devices.

    Image: Netgear
    If you want to take full advantage of the connection speed of the Nighthawk AXE3000 WiFi 6E adapter, users must use a router that supports Wi-Fi 6E. Once connected, the dedicated 6 GHz band provides 1200 Mbps of bandwidth. The Nighthawk AXE3000 wireless card also supports the traditional 5 GHz and 2.4 GHz bands, with bandwidths of 1200 Mbps and 600 Mbps, respectively, for connecting some older devices.

    The shape of the Nighthawk AXE3000 wireless network card is similar to that of a USB flash drive, and it can be directly inserted into the USB interface of a desktop or laptop computer. Netgear has also designed a flip-up antenna and a base for users to get the best wireless network reception.

    Wi-Fi 6E introduces support for the 6GHz frequency band on the basis of Wi-Fi 6. It enables Wi-Fi 6 to expand from the original 2.4GHz/5GHz frequency band to the 2.4GHz/5GHz/6GHz frequency band, the specific frequency is from 5925MHz to 7125MHz, and the connection speed has been further improved. If the bandwidth of the 6GHz band is fully utilized, the Wi-Fi 6E-based wireless network can double the number of devices.

    At present, the support for Wi-Fi 6E is still relatively limited. Only the Windows 11 operating system can fully support the 6GHz frequency band. If you use macOS or Windows 10, the connection speed of the Nighthawk AXE3000 wireless network card cannot be fully utilized. The wireless card will be available in the US this month for a suggested retail price of $89.99.

  • Netgear releases Orbi Quad-band WiFi 6E Mesh System

    Netgear announced the launch of the Orbi 960 series quad-band WiFi 6E Mesh system, divided into a white version (RBKE963) and black version (RBKE963B), consists of a Wi-Fi 6E router (main) and two satellite connection points (secondary) access points. This is an upgraded version of the Orbi 850 series tri-band WiFi 6 Mesh system (RBK853). A fourth frequency band has been added to the original 6GHz WiFi frequency band to provide a much-needed WiFi frequency band for new laptops and smartphones, thereby avoiding interference with the 2.4GHz and 5GHz frequency bands.

    Compared with the previous generation product, this flagship Orbi series product has upgraded WiFi signal and design, even the coverage of 2.4GHz and 5GHz frequency band has been improved, and there is a 30% increase in speed. The Wan port has also been upgraded to a 10 Gbps port, which is currently the fastest available port on this type of equipment. At the same time, the router and two satellite connection points have a 2.5 Gbps port and three 10/100/1000Mbps ports.

    In addition to the normal wireless network upgrade, the Orbi 960 series quad-band WiFi 6E Mesh system also pioneered a dedicated WiFi 6 backhaul, which is used for data exchange between the router and two satellite connection points, so as not to affect the performance of other devices connected to the network. Netgear said that this network system can provide lightning-like network connections for families with a living area of ​​9000 feet, and retain the possibility of expanding to larger spaces.

    The price of the Orbi 960 series quad-band WiFi 6E Mesh system (Router + 2 Satellites) is $1499.99. For large houses or villas without network cables, this product should be the best choice at present