Home / Tech News & Announcements / In-the-wild router exploit sends unwitting users to fake banking site

In-the-wild router exploit sends unwitting users to fake banking site

Enlarge (credit: DLink) Hackers have been exploiting a vulnerability in DLink modem routers to send people to a fake banking website that attempts to steal their login credentials, a security researcher said Friday. The vulnerability works against DLink DSL-2740R, DSL-2640B, DSL-2780B, DSL-2730B, and DSL-526B models that haven’t been patched in the past two years. As described in disclosures here , here , here , here , and here , the flaw allows attackers to remotely change the DNS server that connected computers use to translate domain names into IP addresses. According to an advisory published Friday morning by security firm Radware, hackers have been exploiting the vulnerability to send people trying to visit two Brazilian bank sites—Banco de Brasil’s www.bb.com.br and Unibanco’s www.itau.com.br—to malicious servers rather than the ones operated by the financial institutions. In the advisory, Radware researcher Pascal Geenens wrote: Read 5 remaining paragraphs | Comments

Taken from:
In-the-wild router exploit sends unwitting users to fake banking site

About kanmg

Check Also

Melinda Gates wants tech philanthropy to focus more on gender gap – CNET

Less talk, more walk.

Home / Tech News & Announcements / In-the-wild router exploit sends unwitting users to fake banking site

In-the-wild router exploit sends unwitting users to fake banking site

Enlarge (credit: DLink) Hackers have been exploiting a vulnerability in DLink modem routers to send people to a fake banking website that attempts to steal their login credentials, a security researcher said Friday. The vulnerability works against DLink DSL-2740R, DSL-2640B, DSL-2780B, DSL-2730B, and DSL-526B models that haven’t been patched in the past two years. As described in disclosures here , here , here , here , and here , the flaw allows attackers to remotely change the DNS server that connected computers use to translate domain names into IP addresses. According to an advisory published Friday morning by security firm Radware, hackers have been exploiting the vulnerability to send people trying to visit two Brazilian bank sites—Banco de Brasil’s www.bb.com.br and Unibanco’s www.itau.com.br—to malicious servers rather than the ones operated by the financial institutions. In the advisory, Radware researcher Pascal Geenens wrote: Read 5 remaining paragraphs | Comments

Originally posted here:
In-the-wild router exploit sends unwitting users to fake banking site

About kanmg

Check Also

Melinda Gates wants tech philanthropy to focus more on gender gap – CNET

Less talk, more walk.

Leave a Reply

Your email address will not be published. Required fields are marked *