Dangerous new home router exploit

Security by on February 19, 2007 at 2:41 pm

A summary is at Security Pro News and the source paper can be found here(pdf), but the exploit is a simple one:

  • User visits website with malicious javascript
  • Javascript changes DNS settings on routers with default passwords
  • Hacker now owns the user’s Internet experience

Obviously, this is an easy hack to prevent, but how many users change their default password on their router? I occasionally check this when I see a ‘linksys’ or ‘netgear’ network. Unfortunately, if the network name is still the same so is the password 90% of the time.

The fascinating thing is that this change could be undetectable to the user. They could see a normal browsing experience, all while the hacker is attaching affiliate codes to links, or sending the user to the occasional spoofed phishing site.

Related Posts

0 Comments

No comments yet.

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License. | Dave Naffziger's BlogDave & Iva Naffziger