RouterCheck now detects the Netgear Authentication Bypass problem that was disclosed several days ago by Compass Security Schweiz Ltd. This is a serious problem that allows hackers to gain access to a router’s administration functionality without having to log in. Several thousand routers are believed to have been affected by a targeted attack against this vulnerability. […]
Category: DNS
DNS Changer Malware detected by RouterCheck
Another malware attack against home routers that modifies DNS settings has been disclosed by Fernando Mercês, a researcher for Trend Micro. This DNS Changer is mostly active in Brazil, although it has also been detected in the United States, Japan, and several other countries. The attack modifies the router’s DNS settings, a method that […]
RouterCheck now detects the “Kafeine Vulnerability”
Security researcher Kafeine recently discovered a web-based attack tool that hackers have been using to compromise home routers. The attack utilizes Cross-Site Request Forgery (CSRF) vulnerabilities that are present in many popular routers. The router vendors affected include: ASUS, Belkin, D-Link, Edimax, Linksys, Medialink, Microsoft, Netgear, Tenda, TP-Link, Trendnet, and ZyXEL. The attack modifies the […]
DNS Problem Knocks BT Users Offline
Nicole Kobie of computer magazine PC Pro has reported that BT experienced a problem with their DNS servers on Saturday, effectively knocking a large number of their subscribers off of the internet. Many people were able to work around this DNS problem by changing the DNS setting on their routers from the BT servers to […]
Home Routers Used in Denial of Service Attack
A new report from Nominum claims that more than 24 million home routers on the Internet have open DNS proxies which expose ISPs to DNS-based Denial of Service attacks. It goes on to say that in February 2014, 5.3M of these routers were in fact used to attack, and that in January 2014, more than 70% […]
Plusnet Customers’ DNS Problems
Reports from British ISP Plusnet say that many of their subscribers have been hit by an attack that modifies the DNS setting on their routers and directs them to phishing websites. A spokesman for the ISP said: “It appears that some of our customers, (and no doubt a number of other people out on the […]
Massive Attack Targets Asian Routers
A massive Hack of Mass Destruction has been unleashed on routers primarily in Asia. Discovered by Team Cymru, this attack is believed to have affected over 300,000 devices, primarily in Vietnam, India and Italy. The attack modifies the DNS settings on the compromised routers, and points them to DNS servers that are controlled by criminals. […]
AAISP Hit by Pharming
Customers of British ISP AAISP have been hit by a Pharming attack – one that modifies the DNS settings in their routers and directs them to websites that are controlled by an attacker. It turns out that this attack was part of the larger one that is being reported by Team Cymru. The most interesting […]
Cybercrime Directed at Polish Banks
CERT Polska (the Polish Computer Emergency Response Team) has uncovered a Hack of Mass Destruction directed against the Polish Banking sector. This attack modified the DNS settings on victims’ routers, and then a simple man-in-the-middle attack was launched after the rogue DNS servers misdirected users to what they thought was their bank’s website. The attack […]
CSRF in TP-LINK
There’s a great analysis of a newly discovered CSRF vulnerability in certain models of TP-LINK routers. This analysis explains what the vulnerability is, what it could affect, how to detect it, and how it could be exploited. A CSRF attack is often used by hackers to attack routers passively without having to directly touch them. […]