News

Hackers Target E-Banking Users By Exploiting Router Vulnerabilities To Hijack the DNS

There have been reports about critical vulnerabilities in a variety of routers, including Cisco, TP-Link, ASUS, TENDA and Netgear among others, all of which can be found in a normal household.

According to Polish Computer Emergency Response Team (CERT Polska), they have noticed an increase in cyber attack, leading to a cyber attack campaign aimed at Polish e-banking users. The hackers apparently use known router vulnerability that allow attackers to change the router’s DNS configuration remotely. This allegedly is used to lure users to fake bank websites or can perform Man-in-the-Middle attacks.

“After DNS servers settings are changed on a router, all queries from inside the network are forwarded to rogue servers. Obviously the platform of a client device is not an issue, as there is no need for the attackers to install any malicious software at all.” CERT Polska researchers said.

The DNS can be changed and point to a malicious DNS server from the router’s settings, giving the hacker complete control to facilitate interception, inspection and modification to the traffic between the user and the online banking website.

It is said that most of the Banking and E-commerce sites are using HTTPS with SSL encryption, making it impossible to impersonate them without a valid digital certificate issued by a Certificate Authority (CA), but to bypass such limitation cyber criminals are also using the SSL strip technique to spoof digital certificates.

The recommended steps to take in case of such attacks are to change the default username and password for the router, update the router’s firmware to the latest version and disable Remote Administration features in the router’s settings. Another way to notice fake websites is to lay attention to the browser’s address bar and HTTPS indicators.

Thank you TheHackerNews for providing us with this information

Gabriel Roşu

Disqus Comments Loading...

Recent Posts

Electronic Arts Titles Played for Over 11 Billion Hours in 2024

Electronic Arts (EA) announced today that its games were played for over 11 billion hours…

2 days ago

Just 15% of Steam Gaming Time in 2024 Was Spent on New Releases

Steam's annual end-of-year recap, Steam Replay, provides fascinating insights into gamer habits by comparing individual…

2 days ago

STALKER 2 Gets Massive 110GB Patch With 1800+ Fixes

GSC GameWorld released a major title update for STALKER 2 this seeking, bringing the game…

2 days ago

Intel Unveils Core 200H Processors Based on the Previous Raptor Lake Refresh

Without any formal announcement, Intel appears to have revealed its new Core 200H series processors…

3 days ago

Ubisoft Reportedly Developing a New Quadruple A Game

Ubisoft is not having the best of times, but despite recent flops, the company still…

3 days ago

STALKER 2: Heart of Chornobyl Update 1.1 Fixes 1,800 Issues and Revamps A-Life 2.0

If you haven’t started playing STALKER 2: Heart of Chornobyl yet, now might be the…

3 days ago