DaemonForums  

4.5 million Brazilian routers hacked
Posted 3rd October 2012 by J65nko (Administrator)

From http://h-online.com/-1722430

Quote:
During a presentation at the Virus Bulletin Conference in Dallas, Fabio Assolini from Kaspersky Lab described how criminals in Brazil managed to compromise 4.5 million DSL routers for months without being noticed.

For their attack, the criminals first used two Bash scripts and a Cross-Site Request Forgery (CSRF) attack to change the admin password and then manipulated the router's DNS server entry. The CSRF attack even allowed them to bypass any existing password protection. Once compromised, the PCs were redirected to specially crafted phishing domains that mainly targeted users' online banking credentials; the attackers had set up 40 DNS servers to handle this redirection. The attack was limited to large parts of Brazil's IP address space.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump