Having carried out an analysis of D-Link WiFi routers produced by a Taiwan company, specialists found no malicious software. But what they did found out was that they include equipment using Russian DNS services Yandex. DNS and SkyDNS, and firmware is updated from Russia-based servers.
Once the Yandex.DNS service is activated, all DNS requests are sent to servers managed by Russia company Yandex. The servers register incoming requests from consumers, allegedly allowing for a consumer's IP address, country, request time, addresses the consumer visits to be identified, the statement says.
"Long-term monitoring of consumers DNS requests and the processing of the monitoring results through the application of modern data analysis and aggregation methods provides a possibility to summarize a consumer's behavior in the electronic space with a high level of accuracy and even identify the person in some cases," the statement reads.
Also, part of D-Link firmware updates is carried out from servers in Russia. "Update servers can not only process consumer requests but can also register consumers and collect data," the National Cyber Security Center underlined.
The research results "reflect new and sophisticated cyber security risks arising for households and small and medium enterprises."
Specialists call on consumers to check the origin of technology before buying any software or other equipment and be critical of the proposed contents, as well as to check default parameters and change their passwords regularly.