Trojan Attacks Through DNS Changing Technique
A new kind of cyber attack that gains control of the DNS (Domain Name System) configurations of computers within a network is launched with a new variant of an already existing Trojan.
Malware analysts at Symantec said that the Trojan named Trojan.Flush.M craftily introduces a function on the infected systems that serves phony DNS entries to the DHCP (Dynamic Host Configuration Protocol) clients using the network. IT experts also said that DHCP is a service typically used to auto-assign IP addresses to PCs and other related devices on a local network.
The researchers also stated that the Trojan establishes a rogue DHCP server on the victim's computer. When other PCs on the LAN make a DHCP request to receive an IP address, Flush.M responds. Thus, when a requesting PC receive...
» SPAMfighter News - 15-12-2008