Cybercriminals have been hijacking the Internet connections of users in Brazil by modifying Domain Name System (DNS) settings in their routers, researchers at Proofpoint reported on Thursday.
These types of operations, known as pharming attacks, are designed to lure victims to fake websites, which usually mimic the ones of banks, in an effort to steal credentials and other sensitive information.
Pharming attacks can be highly efficient because in many cases they are difficult to spot. By modifying the router’s DNS settings, the attacker ensures that users are taken to a bogus site when they type in the domain name of the legitimate website in the Web browser’s address bar. Usually, the DNS is hijacked in network-based attacks, but a recent campaign shows that phishing emails can be just as effective.
Full Article
Attackers Use Phishing Emails, Exploits to Hijack Routers
Userlevel 7
+52
Userlevel 7
By Jeremy Kirk
An email-based attack spotted in Brazil recently employed an unusual but potent technique to spy on a victim's Web traffic.
The technique exploited security flaws in home routers to gain access to the administrator console. Once there, the hackers changed the routers' DNS (Domain Name System) settings, a type of attack known as pharming.
full article
The attack changes the DNS settings of a router using default login credentials, Proofpoint says.
An email-based attack spotted in Brazil recently employed an unusual but potent technique to spy on a victim's Web traffic.
The technique exploited security flaws in home routers to gain access to the administrator console. Once there, the hackers changed the routers' DNS (Domain Name System) settings, a type of attack known as pharming.
full article
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.