D-Link thinks 5G will cut your cords forever

Network gear maker D-Link just announced a 5G router that sends high-speed Wi-Fi through your house without cables. The router, called the DWR-2010, should allow users to get massive speeds over 5G networks without running cable. Don’t expect to pick this up at the local Best Buy, however, as the 5G router will probably ship […]

Network gear maker D-Link just announced a 5G router that sends high-speed Wi-Fi through your house without cables. The router, called the DWR-2010, should allow users to get massive speeds over 5G networks without running cable. Don’t expect to pick this up at the local Best Buy, however, as the 5G router will probably ship from wireless service providers.

The DWR-2010 also offers customization options for service providers, making it suitable for deployment on a range of network configurations. The gateway features an embedded 5G NR (New Radio) NSA module and can operate on the sub-6 GHz or mmWave frequencies in 200 MHz (2 x 100 MHz) or 800 MHz (8 x 100 MHz) configurations. Complete with remote management (TR-069) and FOTA, the DWR-2010 provides hassle-free operation and a better customer experience.

D-Link also announced some new Exo mesh routers as well as a cute little mydlink devices including a smart switch and a weird little water sensor that will warn you when your water heater explodes. The Indoor Wi-Fi Smart Plug (DSP-W118) and Outdoor Wi-Fi Smart Plug (DSP-W320) will control your lights and appliances both indoors and out.

Expect these cool tools to hit stores in Q2 2019.

Stolen certificates from D-Link used to sign password-stealing malware

This isn’t the IP camera software you think it is.

Enlarge (credit: Eset)

Criminals recently stole code-signing certificates from router and camera maker D-Link and another Taiwanese company and used them to pass off malware that steals passwords and backdoors PCs, a researcher said Monday.

The certificates were used to cryptographically verify that legitimate software was issued by D-Link and Changing Information Technology. Microsoft Windows, Apple’s macOS, and most other operating systems rely on the cryptographic signatures produced by such certificates to help users ensure that executable files attached to emails or downloaded on websites were developed by trusted companies rather than malicious actors masquerading as those trusted companies.

Somehow, members of an advanced persistent-threat hacking group known as BlackTech obtained the certificates belonging to D-Link and Changing Information Technology, the researcher with antivirus provider Eset said in a blog post. The attackers then used the certificates to sign two pieces of malware, one a remotely controlled backdoor and the other a related password stealer. Both pieces of malware are referred to as Plead and are used in espionage campaigns against targets located in East Asia. The Japan Computer Emergency Response team recently documented the Plead malware here. AV provider Trend Micro recently wrote about BlackTech here.

Read 5 remaining paragraphs | Comments