(January 23, 2023)

Then, there‘s networking port 32764, which French security researcher Eloi Vanderbeken in 2013 discovered had been quietly left open on gateway routers sold by several major brands.

Using port 32764, anyone on a local network — which includes a user‘s ISP — could take full administrative control of a router, and even perform a factory reset, without a password.

The port was closed on most affected devices following Vanderbeken‘s disclosures, but he later found that it could easily be reopened with a specially designed data packet that could be sent from an ISP.

„This is so obviously done by a spy agency, it‘s amazing,“ Horowitz said. „It was deliberate, no doubt about it.“

(…)

Change the router‘s Domain Name System (DNS) server from the ISP‘s own server…