Threatpost |
DNSChanger Exploit Kit Hijacks Routers, Not Browsers | Threatpost …
Threatpost An exploit kit called DNSChanger EK is attacking routers, not browsers, as part of a malvertising campaign. Cybercriminals are infecting home routers to serve users with endless malicious ads DNSChanger Exploit Targets Routers Through Web Browsers New malvertising campaign infects home and small business routers |
Cybercriminals have developed a Web-based attack tool to hijack routers on a large scale when users visit compromised websites or view malicious advertisements in their browsers.
The goal of these attacks is to replace the DNS (Domain Name System) servers configured on routers with rogue ones controlled by attackers. This allows hackers to intercept traffic, spoof websites, hijack search queries, inject rogue ads on Web pages and more.
The DNS is like the Internet’s phonebook and plays a critical role. It translates domain names, which are easy for people to remember, into numerical IP (Internet Protocol) addresses that computers need to know to communicate with each other.
To read this article in full or to leave a comment, please click here
In addition to having its own arsenal of digital weapons, the U.S. National Security Agency reportedly hijacks and repurposes third-party malware.
The NSA is using its network of servers around the world to monitor botnets made up of thousands or millions of infected computers. When needed, the agency can exploit features of those botnets to insert its own malware on the already compromised computers, through a technology codenamed Quantumbot, German new magazine Der Spiegel reported Sunday.
One of the secret documents leaked by former NSA contractor Edward Snowden and published by Der Spiegel contains details about a covert NSA program called DEFIANTWARRIOR that’s used to hijack botnet computers and use them as “pervasive network analysis vantage points” and “throw-away non-attributable CNA [computer network attack] nodes.”
To read this article in full or to leave a comment, please click here
The latest release of the Windows Malicious Software Removal Tool is set up to take on a bot designed to hijack HTTP traffic for several browsers, but also featuring additional malicious capabilities. Dubbed Win32/Cycbot by Microsoft, this piece of malware …
Read more