18th May, 2018, By Catalin Cimpanu
DrayTek, a Taiwan-based manufacturer of broadband CPE (Customer Premises Equipment) such as routers, switches, firewalls, and VPN devices, announced today that hackers are exploiting a zero-day vulnerability to change DNS settings on some of its routers.
The company admitted to the attacks after several users reported on Twitter about finding DrayTek routers with DNS settings changed and pointing to an unknown server located at 38.134.121.95.
Full Article.
23rd May, 2018 By Graham CLULEY
The manufacturer advises that an indicator that your router may have been compromised is if its DNS settings have been configured to use a known rogue DNS server at 38.134.121.95.
Instead your DNS settings should be either blank, set to the DNS server addresses from your ISP, or a well-known DNS server such as the one run by Google at 8.8.8.8
Full Article.
The manufacturer advises that an indicator that your router may have been compromised is if its DNS settings have been configured to use a known rogue DNS server at 38.134.121.95.
Instead your DNS settings should be either blank, set to the DNS server addresses from your ISP, or a well-known DNS server such as the one run by Google at 8.8.8.8
Full Article.
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.