It’s not a secret anymore that the routers you get from Ogero once you subscribe to their Blink DSL service can easily be hacked since their WiFi password is very easy to retrieve.
First of all, Blink routers are by default secured using WEP encryption which is very weak and can be cracked using wireless penetration tools. Second, they can easily be identified since they all have an SSID (network name) following this pattern “BlinkXXXXXX” where XXXXXX is a 6 character code, and this isn’t just any random code as it is derived from the router’s serial number. Unfortunately, the same applies to the WiFi password, it isn’t generated randomly but rather derived from the router’s serial number as well.
Logically speaking, if you encounter a Blink network and were able to reverse the operation in a way that lets you guess the router’s serial number from the 6 character code in the SSID, retrieving the password would then be a piece of cake since it can be derived from this serial. That’s basically what some people have been doing for a while now since several tools are already available online allowing you enter the 6 character code once you stumble across a Blink network, and gives you the password in a few seconds.
Up until lately, I was thinking the usage of these tools was somehow minimal and limited to techies since you will rarely find them on Lebanese website, until I lately came across this new Android application called “Hack Blink” with a download count of over 10,000 and rapidly increasing.
Using the application is very straight forward, you enter the code and wait for the password, I tried it and it does work. So if you have a blink subscription, be sure someone around you will soon or later have this application and eventually start consuming your bandwidth.
Fortunately, there is a way to stop people from doing that by reconfiguring your router using this manual I found on Ogero’s website (which applies to Thomson routers). I strongly recommend you use that manual to change your SSID and setting the encryption algorithm to WPA2, in addition to of course changing the default wireless password. If you encounter any difficulty, make sure to either contact their customer support or just head to the nearest Ogero office in order for some support person to help you do it.
Best solution is definitely for Ogero to stop ordering their routers to be configured this way!
@AbirGhattas just informed me “Hack Blink” was removed from the Play Store. I still recommend you change your router’s default settings.