Security firm Symantec and the Indiana University School of Informatics have discovered a new type of security threat that could leave up to 50 percent of home broadband users susceptible to attack.Called “drive-by pharming,” the threat is focused on home routers, which can be reconfigured and directed to a malicious Web site if default settings and passwords are being used.
With traditional pharming, an attacker redirects a user from a legitimate Web site to a bogus Web site that contains malicious code. Pharming attacks can be executed by either changing the host file on a victim’s PC or manipulating a domain name system (DNS) server.
In the new scheme, when a user visits a malicious Web site, an attacker is able to remotely change the DNS settings on the broadband router or wireless access point and reroute requests for legitimate sites — like online banking sites or financial institutions — to bogus sites designed to steal login information.
Via: Sci-Tech Today