Sign In

Communications of the ACM

ACM TechNews

Attack on Home Routers Sends Users to Spoofed Sites That Push Malware


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
A Linksys router.

Researchers warn a hack of Linksys and D-Link routers is redirecting users to malicious sites posing as COVID-19 informational resources.

Credit: Wikipedia

Researchers citing data from Bitdefender security products are warning that a hack of Linksys and D-Link routers for homes and small offices is redirecting users to malicious sites posing as COVID-19 informational resources.

The researchers believe the hackers are guessing passwords used to secure the routers' remote management console when the feature is turned on, or are guessing credentials for users' Linksys cloud accounts.

The hacks redirect users to malicious sites that install malware or attempt to phish passwords.

Bitdefender’s Liviu Arsene said the spoofed sites close port 443, the Internet gate that transmits traffic protected by HTTPS authentication protections, preventing the display of warnings from browsers or email clients that a TLS certificate is invalid or untrusted.

The researchers said these routers should have remote administration turned off whenever possible.

From Ars Technica
View Full Article

 

Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA


 

No entries found