News

2019.06.11 11:30

Lithuania's cyber security center warns about WiFi equipment with Russian DNS services

Saulius Jakučionis, BNS2019.06.11 11:30

Lithuania's National Cyber Security Centre has issued a warning about risk posed by some of the WiFi equipment used in the country which sends user data to Russian servers.

Having carried out an analysis of D-Link WiFi routers produced by a Taiwan company, the centre's specialists found no malicious software. But what they did find out was that the routers use Russian DNS services Yandex.DNS and SkyDNS, and firmware is updated from Russia-based servers.

Once the Yandex.DNS service is activated, all DNS requests are sent to servers managed by the Russian company Yandex. The servers register incoming requests from consumers, allegedly allowing to identify a consumer's IP address, country, request time, visited addresses, the statement says.

“Long-term monitoring of consumers' DNS requests and the processing of the monitoring results through the application of modern data analysis and aggregation methods provides a possibility to summarize a consumer's online behaviour with a high level of accuracy and, in some cases, even identify the person,” the statement reads.

Moreover, part of D-Link firmware updates is carried out from servers in Russia. “Update servers can not only process consumer requests, but also register consumers and collect data,” the National Cyber Security Centre underlined.

The research results point to “new and sophisticated cyber security risks for households and small and medium enterprises”.

Specialists call on consumers to check the origin of technology before buying any software or other equipment and be critical of the proposed contents, as well as to check default parameters and change their passwords regularly.

Update: Retail chain stops selling D-Link routers

Topo Centras, a Lithuanian retail chain selling household appliances and electronic devises, decided on Tuesday to halt the sale of D-Link routers.

The decision comes in response to a warning by Lithuania's National Cyber Security Centre earlier in the day about the risk D-Link WiFi equipment poses as it uses Russian technology.

Topo Centras said that shoppers who bought such routers can return them to the shops and get refunds if they have receipts.

The chain has 37 stores in 25 towns across Lithuania.

Lithuanian Vice Minister of National Defence told the LRT.lt that the equipment of tested routers was produced for the Russian market and probably did not meet EU data protection regulations.

The State Data Protection Inspectorate has launched its separate investigation into D-Link devices.