Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Cybercriminals add new component to Sality to hijack the DNS addresses of routers

Cybercriminals add new component to Sality to hijack the DNS addresses of routers

2014/04/03

Softpedia - (International) Researchers at ESET analyzed a new component of the Sality malware that was recently added and allows the malware to hijack the primary DNS address of routers. The analysis showed that the malware targets specific router models and attempts to use a brute force attack to gain administrator access, and then changes the router's DNS server address in order to direct users to fake installation sites.

Source: http://news.softpedia.com/news/Cybercriminals-Add-New-Component-to-Sality-to-Hijack-the-DNS-Addresses-of-Routers-435654.shtml

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:19:45