Bad people might take over your home router…
February 5, 2008 by ginrocks
Extract from the theregister.co.uk article:
“A security researcher says he has observed criminals using a new form of attack that causes victims to visit spoofed banking pages by secretly making changes to their high-speed home routers.
According to Symantec researcher Zulfikar Ramzan, the attack changes a router’s settings controlling the domain name system server that translates domain names like theregister.co.uk into numerical IP address.
Malicious javascript code embedded into one email message he uncovered caused the URL for a popular Mexico-based bank to map to a fraudulent website controlled by the attackers. Anyone who tried to do business on the rogue site would have their banking credentials lifted. “
The GNUCITIZEN blogs describes the attack in detail here.
Disabling UPnP is one option of securing your home router (provided the box gives you an option to)
