JavaScript code leaves routers open to attack

— 12:56 AM on February 16, 2007

Users who connect to the Internet through a router and have yet to change the device's default password may be vulnerable to a new type of JavaScript attack, according to Symantec and Indiana University researchers. As CNet reports, a JavaScript code embedded in a malicious web page can exploit a user's browser to log into a router with default login settings and change DNS IP addressses. Through a custom DNS server, a user attempting to visit a major site like Google—or worse, a bank site—could be redirected to a malicious site able to harvest passwords or other personal information.

Symantec researcher Zulfikar Ramzan tells CNet that he has already tested the attack with consumer routers from D-Link, Linksys, and Netgear, and that it's even possible to craft a single page that can attack all vulnerable routers. Ramzan feels that it's "just a matter of time before phishers start using [this attack]."

Like what we're doing? Pay what you want to support TR and get nifty extra features.
Top contributors
1. Hdfisise - $600 2. Ryszard - $503 3. Andrew Lauritzen - $502
4. the - $306 5. SomeOtherGeek - $300 6. Ryu Connor - $250
7. doubtful500 - $200 8. Anonymous Gerbil - $150 9. webkido13 - $135
10. cygnus1 - $126
Tip: You can use the A/Z keys to walk threads.
View options

This discussion is now closed.