posted by janrinok on Monday August 13 2018, @04:49AM

Submitted via IRC for SoyCow1984

DLink vulnerability lets attackers remotely change DNS server settings.

Hackers have been exploiting a vulnerability in DLink modem routers to send people to a fake banking website that attempts to steal their login credentials, a security researcher said Friday.

The vulnerability works against DLink DSL-2740R, DSL-2640B, DSL-2780B, DSL-2730B, and DSL-526B models that haven’t been patched in the past two years. As described in disclosures here, here, here, here, and here, the flaw allows attackers to remotely change the DNS server that connected computers use to translate domain names into IP addresses.

According to an advisory published Friday morning by security firm Radware, hackers have been exploiting the vulnerability to send people trying to visit two Brazilian bank sites—Banco de Brasil’s www.bb.com.br and Unibanco’s www.itau.com.br—to malicious servers rather than the ones operated by the financial institutions. In the advisory, Radware researcher Pascal Geenens wrote:

The attack is insidious in the sense that a user is completely unaware of the change. The hijacking works without crafting or changing URLs in the user’s browser. A user can use any browser and his/her regular shortcuts, he or she can type in the URL manually or even use it from mobile devices such as iPhone, iPad, Android phones or tablets. He or she will still be sent to the malicious website instead of to their requested website, so the hijacking effectively works at the gateway level.

Source: https://arstechnica.com/information-technology/2018/08/in-the-wild-router-exploit-sends-unwitting-users-to-fake-banking-site/


  • (Score: 2) by FatPhil on Monday August 13 2018, @02:06PM

    by FatPhil (863) <pc-soylentNO@SPAMasdf.fi> on Monday August 13 2018, @02:06PM (#720976)
    Ah, I read the "here", "here", "here", "here", "here", and "advisory" links, but not that final one - thanks!
    --
    Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves