Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

Compromised Brazilian Website Used to Hack Routers at Home

Theregister.co.uk reported on 15th September, 2014 quoting Fioravante Souza, Security Researcher of web security outfit Sucuri, as saying "A well-known Brazilian newspaper namely, Politica Estadao, website has been hacked by attackers with malware which attacked home routers of readers."

Attackers fixed iFrames in the website of the daily which started brute force password guessing attacks against users as and when loaded.

Souza says that attackers intended to change the settings of DNS on hacked routers writing that "...the payload was undertaking the user admin, gvt, root and some other usernames with the default passwords of the router. The script is then used to find the local IP address of your computer and it begins to guess the router IP by passing it as a variable to another script. iFrames tried to change the configuration of DNS on DSL router of the victim by brute forcing the admin credentials."

The code of attack was manipulated to target Internet Explorer which attacked IP addresses on local network range of reader including '192.168.0.1' and '192.167.1.1'.

Souza analyzed and revealed that the concealed iFrame injection loads matter from laspeores (.)com(.ar.).Threatpost.com reported on 12th September, 2014 quoting Souza as saying "A second iFrame is consequently loaded and pulls matter from vv2(.)com, a URL shortener, and 3rd iFrame then loads with tainted JavaScript redirecting to a third website."

Hackers know very well that small business and home routers have shortcomings as most of them do not have sufficient fixing and have weak or default passwords.

Hence, an attacker can redirect router traffic and can conduct any number of bonus attacks putting credentials, banking, email and other kind of transactions at risk.

The number one distribution mechanism for malware has been Websites for a while which has been the evolution in attacks. It's not likely that this will end soon and hence you have to be vigilant ad prepared. You have to remember that your personal online security is as important as your website security.

Experts conclude that you should disable the execution of JavaScript on browsers or disable play options for objects in the browser to minimize such attacks.

ยป SPAMfighter News - 9/22/2014

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next