4.5 million routers hacked

    Date03 Oct 2012
    Posted ByAnthony Pell
    During a presentation at the Virus Bulletin Conference in Dallas, Fabio Assolini from Kaspersky Lab described how criminals in Brazil managed to compromise 4.5 million DSL routers for months without being noticed. For their attack, the criminals first used two Bash scripts and a Cross-Site Request Forgery (CSRF) attack to change the admin password and then manipulated the router's DNS server entry. The CSRF attack even allowed them to bypass any existing password protection. Once compromised, the PCs were redirected to specially crafted phishing domains that mainly targeted users' online banking credentials; the attackers had set up 40 DNS servers to handle this redirection. The attack was limited to large parts of Brazil's IP address space.
    You are not authorised to post comments.

    LinuxSecurity Poll

    Has your email account ever been pwned in a data breach?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.