Communications of the ACM

Home/News/Attack on Home Routers Sends Users to Spoofed Sites.../Full Text

ACM TechNews

Attack on Home Routers Sends Users to Spoofed Sites That Push Malware

By Ars Technica
March 27, 2020
Comments

View as: Print Mobile App Share:

A Linksys router. — Researchers warn a hack of Linksys and D-Link routers is redirecting users to malicious sites posing as COVID-19 informational resources.

Credit: Wikipedia

Researchers citing data from Bitdefender security products are warning that a hack of Linksys and D-Link routers for homes and small offices is redirecting users to malicious sites posing as COVID-19 informational resources.

The researchers believe the hackers are guessing passwords used to secure the routers' remote management console when the feature is turned on, or are guessing credentials for users' Linksys cloud accounts.

The hacks redirect users to malicious sites that install malware or attempt to phish passwords.

Bitdefender’s Liviu Arsene said the spoofed sites close port 443, the Internet gate that transmits traffic protected by HTTPS authentication protections, preventing the display of warnings from browsers or email clients that a TLS certificate is invalid or untrusted.

The researchers said these routers should have remote administration turned off whenever possible.

From Ars Technica
View Full Article

No entries found

Attack on Home Routers Sends Users to Spoofed Sites That Push Malware

Dark Corners of the Web Offer a Glimpse at A.I.'s Nefarious Future

U.S. Copyright Office's Questions about Generative AI

SWOT Analysis of ChatGPT in Computer Science Education