JavaScript code leaves routers open to attack


— 12:56 AM on February 16, 2007

Users who connect to the Internet through a router and have yet to change the device's default password may be vulnerable to a new type of JavaScript attack, according to Symantec and Indiana University researchers. As CNet reports, a JavaScript code embedded in a malicious web page can exploit a user's browser to log into a router with default login settings and change DNS IP addressses. Through a custom DNS server, a user attempting to visit a major site like Google—or worse, a bank site—could be redirected to a malicious site able to harvest passwords or other personal information.

Symantec researcher Zulfikar Ramzan tells CNet that he has already tested the attack with consumer routers from D-Link, Linksys, and Netgear, and that it's even possible to craft a single page that can attack all vulnerable routers. Ramzan feels that it's "just a matter of time before phishers start using [this attack]."

Like what we're doing? Pay what you want to support TR and get nifty extra features.
Top contributors
1. GKey13 - $650 2. JohnC - $600 3. davidbowser - $501
4. cmpxchg - $500 5. DeadOfKnight - $400 6. danny e. - $375
7. the - $360 8. Ryszard - $351 9. rbattle - $350
10. Ryu Connor - $350
   
Register
Tip: You can use the A/Z keys to walk threads.
View options

This discussion is now closed.