Drive-By Pharming: Symantec Says to Change Your Passwords
Filed in archive Wi-Fi by jeff goldman on February 17, 2007

CNET News' Joris Evers reports that Symantec this week announced the results of security research, conducted with the Indiana University School of Informatics, which found that it's possible to change the DNS setting of a router by tricking the owner into viewing a fake Web page with JavaScript code. The company calls it 'Drive-By Pharming.'
"I have been able to get this to work on Linksys, D-Link and netgear
routers," says Symantec researcher Zulfikar Ramzan. "You can create one Web site that is able to attack all routers. My feeling is that it is just a matter of time before phishers start using this."
According to Ramzan, the attack works on any brand of router, but only if the default password hasn't been changed -- the JavaScript code uses the default password to gain access. While most router manufacturers recommend changing the default password, it's still easy to set up a router without doing so.
Symantec's page explaining the attack is here.
More here from InformationWeek ... and more here from InfoWorld.
Permalink: Drive-By Pharming: Symantec Says to Change Your Passwords
Tags:
driveby
pharming
symantec
indiana
university
wireless
router
dns
hack
hacking
wifi
wifi
wi+fi
java
j
Trackback: http://www.creative-weblogging.com/cgi-bin/mt-tb.pl/54122

Mr Wong

