Warning: Over 0.3 Million Routers Around The Globe Have Been Compromised!
Specifically, a majority of these lie in countries like Vietnam, India, Italy and Thailand. The routers in the mentioned countries have been affected by changing their DNS settings from their ISP’s default to two UK IP addresses (5.45.75.11 and 5.45.75.36). Routers were affected in two ways. In one, a malicious code was used to target those routers which had their GUI's accessible from the internet. Secondly, the other target routers were those that were vulnerable to ROM-O attacks, with a majority that ran ZyXEL’s ZynOS falling under the category.
The research team has however still not detected any evidence to suggest the two IP addresses were being used for malicious activities. Meanwhile, Cymru has advised users to check the DNS settings on their routers to make sure that they match the ISP’s DNS.
Wednesday, March 05, 2014:
A recent report by internet security research firm, Cymru has
shockingly revealed that over 0.3 million small office and home routers
(SOHOs) around the world have been compromised using man-in-the-middle
attacks. The 'Growing Exploitation of Small Office Routers Creating
Serious Risks' report clearly indicates that routers primarily in Europe
and Asia have been compromised by what they term as SOHO pharming. |
Specifically, a majority of these lie in countries like Vietnam, India, Italy and Thailand. The routers in the mentioned countries have been affected by changing their DNS settings from their ISP’s default to two UK IP addresses (5.45.75.11 and 5.45.75.36). Routers were affected in two ways. In one, a malicious code was used to target those routers which had their GUI's accessible from the internet. Secondly, the other target routers were those that were vulnerable to ROM-O attacks, with a majority that ran ZyXEL’s ZynOS falling under the category.
The research team has however still not detected any evidence to suggest the two IP addresses were being used for malicious activities. Meanwhile, Cymru has advised users to check the DNS settings on their routers to make sure that they match the ISP’s DNS.
No comments:
Post a Comment