Following the news that a widespread “DNSChanger” attack on vulnerable home networking equipment has been redirecting traffic from afflicted networks, including that from Apple users, to fraudulent domains and opening up the routers to further attack. Cricket Liu, Chief DNS Architect at Infoblox commented below.

Cricket Liu, Chief DNS Architect at Infoblox:

cricket-liu“It’s important to note that, rather than being a vulnerability in the domain name system, or DNS, this is actually malware that exploits vulnerabilities or default login credentials in popular routers and reconfigures their DNS settings to use malicious name servers.

“DNS is used to bootstrap basically every transaction over the Internet so, once the bad guys have redirected you to one of their own name servers, they can do whatever they want. They can redirect you to web sites that are visually indistinguishable from the real ones, where you might enter your login and password, credit card information, and more; redirect all of your Internet-bound traffic through a proxy server, where it can be captured and examined; or substitute malicious files for the files you’re trying to download.”

“This attack demonstrates once again the importance of keeping your equipment upgraded and changing your login credentials.”

Experts Comments

Stay Tuned! Our Information Security Experts Community is responding .....

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.