Defending your router, and your identity, with a password change
March 8, 2008 - "...Every router, wired or wireless, has an internal website used to make configuration changes. Accessing this internal website requires a userid/password, something totally independent of any wireless network passwords... In brief, if your router is using the default password, your computer is vulnerable to an attack where the router is re-configured
. Specifically, the dangerous configuration option is the DNS server... Malicious DNS servers can result in your visiting to a website, any website, and ending up at a phony version of the site run by bad guys. If the website is that of a bank or credit card company, and you enter a userid/password, you can kiss your identity, and money, good-bye..."
Released: 3 Mar 08 - APWG Releases Dec 2007 Phishing Trends Report
(From the report - pg. 8, "Phishing-based Trojans – Redirectors")
"...Along with phishing-based keyloggers we are seeing high increases in traffic redirectors
. In particular the highest volume is in malicious code which simply modifies your DNS server settings or your hosts file to redirect either some specific DNS lookups or all DNS lookups to a fraudulent DNS server
. The fraudulent server replies with “good” answers for most domains, however when they want to direct you to a fraudulent one, they simply modify their name server responses. This is particularly effective because the attackers can redirect any of the users requests at any time and the end-users have very little indication that this is happening as they could be typing in the address on their own..."
Edited by AplusWebMaster, 10 March 2008 - 05:46 AM.