chaminga_d
02-16-2007, 07:32 PM
Users who connect to the Internet through a router and have yet to change the device's default password may be vulnerable (http://news.com.com/Hack+lets+intruders+sneak+into+home+routers/2100-7349_3-6159938.html?tag=nefd.top)to a new type of JavaScript attack, according to Symantec and Indiana University researchers. As CNet reports, a JavaScript code embedded in a malicious web page can exploit a user's browser to log into a router with default login settings and change DNS IP addressses. Through a custom DNS server, a user attempting to visit a major site like Google—or worse, a bank site—could be redirected to a malicious site able to harvest passwords or other personal information.
Symantec researcher Zulfikar Ramzan tells CNet that he has already tested the attack with consumer routers from D-Link, Linksys, and Netgear, and that it's even possible to craft a single page that can attack all vulnerable routers. Ramzan feels that it's "just a matter of time before phishers start using [this attack]."
Symantec researcher Zulfikar Ramzan tells CNet that he has already tested the attack with consumer routers from D-Link, Linksys, and Netgear, and that it's even possible to craft a single page that can attack all vulnerable routers. Ramzan feels that it's "just a matter of time before phishers start using [this attack]."