Skip to main content

Have a D-Link Wireless Router? You might have been Hacked

The popular DSL wireless router model from D-Link are allegedly vulnerable to a software bug that could allow remote hackers to modify the DNS (Domain Name System) settings on affected routers and to hijack users' traffic.

The main goal of DNS hijacking is to secretly redirect user’s traffic from a legitimate websites to a malicious one controlled by hackers. The vulnerability might also affects other devices because it is located in the same, widely-used wireless router firmware used by different manufacturers.

Bulgarian security researcher Todor Donev discovered the flaw which exists in a widely deployed ZynOS firmware from ZyXEL Communications Corporation, that is used in network hardware from TP-Link Technologies, ZTE and D-Link.

According to the security researcher, D-Link’s popular DSL2740R wireless router and a number of other D-Link routers, particularly the DLS-320B, are vulnerable.

Late last year, similar router vulnerability was discovered in the web server "RomPager" from AllegroSoft, which is typically embedded into the firmware of routers, modems and other "gateway devices" from about every leading manufacturer.

The flaw put 12 million homes and offices routers from a variety of different manufacturers vulnerable to DNS hijacking attack, which also included kit from D-Link, along with Edimax, Huawei, TP-Link, ZTE, and ZyXEL.

The latest bug discovered in wireless routers running the vulnerable firmware could reveal their internal web servers to the open Internet, and according to an email from Donev, this could allow a remote attacker to configure the devices without authentication to access its administrative interface.

Donev claimed that once attackers succeeded in modifying systems' DNS settings, they could perform a handful of malicious tasks, including:

Redirecting unknown users to malicious sites – These sites could lead victim to a phishing page that could masquerade as a well-known site in order to trick users into handing out their personal and sensitive information.
Replacing advertisements on legitimate sites – Hackers could manipulate ads that users see, replacing legitimate ads with malicious ones on the sites they visit.
Controlling and redirecting network traffic – Hackers could also prevent users of infected systems from receiving important operating system updates and other software and security updates.
Pushing additional malware – Attackers could directly push malware onto the infected systems.

In order to exploit the router vulnerability, a malicious hacker would have to either be on the router’s network or the wireless router would have to be publicly accessible. Now that administrative interface is exposed to the Internet, the risk of exploitation is higher.

But even if the wireless router is accessible within the local area network, hackers can still use Cross-Site Request Forgery (CSRF), a technique which involves gaining access to local networks by sending specific HTTP requests to a LAN IP address that usually associates with the wireless router.

Donev released the details of the D-Link wireless router vulnerability publicly without notifying the affected vendors. He has also published a proof-of-concept exploit for the D-Link DSL-2740R, a dual-function ADSL modem/wireless router device. As of now, this particular device has been discontinued from sale but is still supported.
Labels:

Comments

Post a Comment

Popular posts from this blog

JNTU-K B.Tech R10 All Results | Manabadi | Schools9 | jntuk.edu.in

Hi Friends...! It is some what difficult to search the all regular and supply results in google from manabadi, schools9 or from jntuk.edu.in for JNTU-Kakinada B.Tech students of R10 Regulation. So, that for this purpose Results Release team collected all the results and providing you to check the results of jntuk r10 regulation.  JNTU-K R10 B.Tech All Results [2010-14] JNTU-K R10 B.Tech All Results [2011-15] JNTU-K R10 B.Tech All Results [2012-16]
1 comment
continue ----------->

Adobe Acrobat XI Pro 11.0.0 Multilanguage (Cracked dll )

(Size: 530 MB) Adobe® Acrobat® XI Pro is more than just the leading PDF converter. It's packed with smart tools that give you even more power to communicate. Easily, seamlessly, brilliantly. NEW Edit text in a PDF - Fix a typo, change a font, or add a paragraph to your PDF as easily as you do in other applications using a new point-and-click interface. NEW Convert PDF files to PowerPoint - Get a head start on new projects by saving a PDF file as a fully editable PowerPoint presentation. NEW Create new PDF and web forms - Customize professional templates or design from scratch with the Adobe FormsCentral desktop app included in Acrobat XI Pro. IMPROVED Standardize routine PDF tasks - Make it easy to create PDFs consistently. Guide people through the correct series of steps with Actions. NEW Edit images in a PDF - Resize, replace, and adjust images in your PDF with no need to track down the original file or graphic.
1 comment
continue ----------->

The anatomy of anxiety

Post a Comment
continue ----------->

Mac OS X 10.8 Mountain Lion ISO Untouched OS download

Description I noticed that there are no complete and untouched Mountain Lion ISO images uploaded on any torrent sites. The only one available had its boot sector stripped so it could fit onto a 4.7 gb dvd. Therefore it is not bootable or very hard to boot! So here is a untouched copy of Mountain Lion in the ISO format. It will require a dual layer dvd to burn!  This iso was made by opening the golden master "InstallESD.dmg" in disk utility and converting it to a cd/dvd master. Macs use the extension ".cdr" for raw image files so I then changed it to ".iso". Now it is completely compatible to be burned with any iso image burner available! To burn on a mac in disk utility simply change the extension back to ".cdr". 
1 comment
continue ----------->