Experts Caution Against Bot Attacks on D-Link Routers
According to the Security Experts of Symantec Corp., a leading online security provider, suspicious port scanning bearing antecedents to D-Link branded routers may imply that a malevolent program or bot is attacking the routers of a particular brand through a flaw that had surfaced way back in 2005.
Symantec released an alert on March 24, 2008, regarding "authentic reports" of on the loose malevolent program or bot that was hacking and then attaching itself on D-Link routers.
Oliver Friedrichs, Director of Security Response Team, Symantec, said that after investigating it further, it was resolved that the program was rather deceptive. It's unofficial at present. However, there has been an increase in targeted attacks and the strikes seem to be originating from various D-Link routers, as reported by ComputerWorld on March 25, 2008.
The strikes against the D-Link devices start with cyber-terrorist scrutinizing TCP port 23 for a dynamic SNMP (Simple Network Management Protocol) system vulnerability that at the outset surfaced in D-Link router's firmware in 2005.
It appears as if they're taking advantage of the SNMP flaw to reconfigure or reset the administrative login password on the routers to carry on a clever and potentially devastating strikes against home routers that alter a router's DNS server settings so that its consumers are unsuspectingly diverted to fake or malevolent sites in place of the actual URLs.
Furthermore, router flaws are on the rise and strikes against routers are on the increase. The targets are launched routers employed by users and small companies to develop wireless telecommunication networks. Hackers are searching for new sites outside the computer to deploy and conceal their malicious software.
Experts also disclosed that they are not stunned by the exploitation of routers by the hackers. Petko Petkov, a prolific British penetration tester, said that nowadays, anyone can program a worm that extensively targets routers effortlessly. Majority of the study data is available, so it is just a question of solving the puzzle properly, as reported by ComputerWorld on March 25, 2008.
Now, the security experts at Symantec are advising the consumers to ensure that the SNMP network was not disclosed to the Web. The experts also recommended them to upgrade the security applications of the PC to further strengthen the desktop's safety.
Related article: Experts Find Two Vulnerabilities in Firefox
» SPAMfighter News - 03-04-2008