JavaScript code leaves routers open to attack

Users who connect to the Internet through a router and have yet to change the device’s default password may be vulnerable to a new type of JavaScript attack, according to Symantec and Indiana University researchers. As CNet reports, JavaScript code embedded in a malicious web page can use the user’s browser to log into a router that still has its default login settings and change the router’s DNS IP addresses. Through a custom DNS server, a user attempting to visit a major site like Google—or worse, a bank site—could be redirected to a malicious site able to harvest passwords or other personal information.

Symantec researcher Zulfikar Ramzan tells CNet that he has already tested the attack with consumer routers from D-Link, Linksys, and Netgear, and that it’s even possible to craft a single page that can attack all vulnerable routers. Ramzan feels that it’s “just a matter of time before phishers start using [this attack].”

