Whole Network Emerging Tech Fixed-Mobile Co... Mobile RFID Ultrawideband Wi-Fi WiMax/WiBro

« Hitachi Announces an RFID... | Main | UK Department of Health W... »

 

Drive-By Pharming: Symantec Says to Change Your Passwords

Filed in archive Wi-Fi by jeff goldman on February 17, 2007

Drive-By Pharming: Symantec Says to Change Your Passwords

CNET News' Joris Evers reports that Symantec this week announced the results of security research, conducted with the Indiana University School of Informatics, which found that it's possible to change the DNS setting of a router by tricking the owner into viewing a fake Web page with JavaScript code. The company calls it 'Drive-By Pharming.'


"I have been able to get this to work on Linksys, D-Link and netgearlinks routers," says Symantec researcher Zulfikar Ramzan. "You can create one Web site that is able to attack all routers. My feeling is that it is just a matter of time before phishers start using this."


According to Ramzan, the attack works on any brand of router, but only if the default password hasn't been changed -- the JavaScript code uses the default password to gain access. While most router manufacturers recommend changing the default password, it's still easy to set up a router without doing so.


Symantec's page explaining the attack is here.


More here from InformationWeek ... and more here from InfoWorld.








Permalink: Drive-By Pharming: Symantec Says to Change Your Passwords
Tags: driveby  pharming  symantec  indiana  university  wireless  router  dns  hack  hacking  wifi  wifi  wi+fi  java  j 

Trackback: http://www.creative-weblogging.com/cgi-bin/mt-tb.pl/54122

Bookmark this entry:

img Addthis img Ask img Blinklist img del.icio.us img Digg img Fark img Facebook img Google img Lycos img Ma.gnolia Add this page to Mister Wong Mr Wong img Netscape img Netvousz img Newsvine img Reddit img StumbleUpon img Slashdot img Tailrank img Technorati img Wink img Yahoo

Related Entries:

Don't Forget About 802.20 - 24 January 2006

Mac Hack Part XVIII: End of the Story? - 01 March 2007

Beware the Evil Twin! - 26 April 2007

Hacking the Moscow Marriott - 14 May 2007

Avis Offers Mobile Wi-Fi for $10.95 a Day - 22 May 2007

San Francisco Mayor Expresses Frustration About Muni Wi-Fi - 22 May 2007

Whoops: Duke University Dropout Was Cisco's Fault, not Apple... - 23 July 2007

Related information on the web:

Drive-by Pharming Attacks Potential Threat to Broa...Driveby Pharming Attacks Potential Threat to Broadband Users: ... Researchers reveal malicious code that could be used to target routers. Researchers at Symantec and the Indiana ... - About eweek.com

TR641: Drive-By PharmingIndiana University: Computer Science Department ... Technical Report TR641: Drive-By Pharming Sid Stamm, Zulfikar Ramzan, and Markus Jakobsson - About cs.indiana.edu

Drive-by Pharming... Indiana University's School of Informatics recently announced a significant new computer security threat called drive-by pharming ... Symantec Security Response. "Because of the ease by which drive-by pharming ... - About communitybusinessbank.com

Drive-By PharmingDrive-By Pharming Sid Stamm Indiana University, Bloomington http://www.sidstamm.com/ Zulfikar Ramzan Symantec, Inc. http://www.symantec.com/ Markus Jakobsson Indiana University ... - About symantec.com

Tech2.com India > Symantec Warns of Drive-by Pharm...Symantec Security Response with the Indiana University School of Informatics, has uncovered a new security threat called "Drive-by Pharming". In this attack, consumers may fall ... - About pdesign.net





RSSrss   | See all blog subscribe options
Google google   |   What is RSS?
Yahoo! yahoo
Addthis Subscribe using any feed reader!
Bloglines Bloglines
Newsletter
Grouptivity

Use the search to look for other interesting posts



 

  • Advertise with us

  • Learn more about our advertising options or email advertising - at - creative-weblogging.com or give us a call at +1 (650) 331 4900.

  • Marketplace



  • Testimonials

  • 'I would highly recommend you to this well written and informative site.'
Subscribe to this blog on your phone




  • Other blogs in the same channel in the Creative Weblogging Network







 

Find other popular posts from our other blogs:

Tech Without Wires

Blackberry Users Are Losing Out

3D Laser Virtual Keyboard

Google's Internet Phone

Jabra BT135 Headset

Sony Walkman W910 and W960

The Mobile Technology Weblog

Mosquito Noise Hijacked by Teens

Pokémon Coming to Mobile

Habbo Hotel Gets Cash, Goes Mobile

Free SMS Site List

MXit Version 5 Announced

The RFID Weblog

RFID Can Solve Parking Woes

Downloadable RFID PowerPoint...

TagZapper, Wall Street Journal and the...

Get a Free Copy of New RFID Book

Win a RAZR Phone

The Smart PDA

The Motorola Ming (A1200)

The Nokia N95 Announced

Know a Lot About the Nokia N95

LG KS360 comes to Europe

A Vista Theme for Your Windows Mobile...

Supplychainer

Free download of a supply chain book!

Tata motors wins supply chain excellence...

About the author

Coca Cola to restructure its supply...

Supply Chain Management for beginners...

The Parenting Weblog

Steve of Blues Clues

Fuzion Scooter

Amazing Race Family Edition

Child Leash

Support Melanie Martinez

About the company | Advertise with us | Disclaimer | Privacy Policy | Refund/Return Policy

All Creative Weblogging sites are built in accordance with the Google Webmaster Guidelines and IAB guidelines.

Tagcloud: 4G 700 MHz Bluetooth Emerging Tech Fixed-Mobile Convergence Mobile RFID Sponsored Posts Ultrawideband Wi-Fi WiMax/WiBro WirelessHD