[ insider_reports_insider ]
Router Attacks Witnessed In The Wild
David Utter
Staff Writer
2008-06-18
 Insider Reports RSS Feed
A variant of the Zlob Trojan may be carrying an exploit against routers, subjecting them to brute force attacks against login procedures.
 | | Router Attacks Witnessed In The Wild |  |
Cracked routers add the threat of directing legitimate queries passing through their tables to malicious sites. Tweaks to DNS entries mean a request for a financial site may lead someone to a man in the middle copycat, capturing logins and sending people on to the legitimate site, with no one the wiser for the theft that just took place.
As security vendor Secure Computing observed, this Trojan, actually believe to be a variant of the DNSChanger Trojan, tries to crash its way past the basic access authentication of routers.
Once infected, a router would have its DNS entries changed to send queries to the attacker's DNS of choice. This could also lead to malware injections into computers passing through the co-opted router, as it sends people to an iframe-wrapped version of the destination website.
"At the moment, DNSChanger only knows about a few popular router web interface URLs that that it can use to change DNS settings. However, this can change in the very near future and it is believed that more and more routers will be supported over time," Secure Computing said of the Trojan.
View All Articles by David Utter
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
More insider_reports_insider Articles
Insider Reports RSS Feed
|
|
