Recently the Chinese manufacturer of the computer networking products “TP-LINK” lost control of its two domains which were used to configure the routers and Wi-Fi extenders settings.
The company TP-LINK, which is a leader in the production of the budget network equipment of SOHO-class, lost two of its domains “tplinklogin.net” and “tplinkextender.net”, domain names which were used to configure its devices. The first domain was used for configuration of routers, and the second is for its Wi-Fi extenders.
According to the sources, the domains on which TP-LINK lost control, are actually used to configure the company’s routers as we mentioned earlier, as the domains were expired and have been resold to the domain name brokers who are actively seeking buyers.
As the incident was bad enough, but, still its users can easily access the network management tools and options just by visiting their IP-address which is by default “192.168.1.1”.
Apparently, employees simply “forgot” to extend the domain names validity and the cybersquatters took the advantage of this incident immediately. Hence, both the domain names were re-registered by an anonymous owner and sold at a price of $2.5 million each.
However, the security experts said that “The domains are at risk of being purchased by the criminals that could easily use the domains to take control of millions of routers by redirecting traffic, installing malicious firmware and ultimately attack millions of TP-Link router customers”.
Apparently, the manufacturer is not going to buy up these domains. From the last few years as a domain for managing company replaced its old domain “tplinklogin.net” with “tplinkwifi.net”. Unfortunately, the main problem is that “tplinklogin.net” and “tplinkextender.net” normally came printed on the back side of the devices. So, the users accessing this domain on devices could end up on a domain under a third-party’s control.
As the company, TP-Link stated that “they stopped using the domain tplinklogin[.]net in 2014. Any products purchased at that time using the old domain (tplinklogin[.]net ) will be automatically redirected to the internal set-up page, so there will not be any security issues”.
Source : Internet