News Comments FAQ Related Articles

Attackers Target Home Routers with DNS Hijacking

5407

Attackers Target Home Routers with DNS Hijacking

The latest victims to DNS hijacking appears to be the home routers manufactured by D-Link. Here the traffic is redirected to various malicious sites.

Researchers have detected different types of attacks that are targeting consumer routers, all of which were reportedly traced back to hosts on the Google Cloud Platform (AS15169) network.

Troy Mursch, the person who discovered this issue, detailed three different waves of findings, which started in December 2018. In the most recent wave, discovered on March 26, “attacks came from three distinct Google Cloud Platform hosts and targeted additional types of consumer routers not previously seen before.”

Mursch also states that it is virtually impossible to determine the scope and scale of these attacks is unless researchers use the tactics employed by malicious actors.

“We have suspended the fraudulent accounts in question and are working through established protocols to identify any new ones that emerge. We have processes in place to detect and remove accounts that violate our terms of service and acceptable use policy, and we take action on accounts when we detect abuse, including suspending the accounts in question. These incidents highlight the importance of practicing good security hygiene, including patching router firmware once a fix becomes available," wrote a Google Cloud spokesperson.

“Home router vulnerabilities are a great nuisance for organizations, and in light of the latest news about hackers leveraging D-Link routers to hijack DNS traffic, organizations should put their guard up,” said Justin Jett, director of audit and compliance for Plixer.

“While home routers don’t directly connect with the corporate network, they are used by individuals at home and in many cases connect business assets like mobile phones and computers to the internet when employees are not on campus.”

Asa the number of remote workers keeps on increasing, it makes easy for perpetrators to go around the corporate defenses via employees' home networks, thus making it more vulnerable due to its less little security. Also, users may unknowingly connect to sites that download malware onto their system, by connecting the DNS server settings at the home router.

Tags:
Author: 

Comments ( 0 )

No comments available

Frequently asked questions ( 0 )

No questions available

Related Tutorials in Attackers Target Home Routers with DNS Hijacking

Related Tutorials in Attackers Target Home Routers with DNS Hijacking

How to install and configure DNS server in CentOS 7
How to install and configure DNS server in CentOS 7
Sep 16, 2017
How to Block a Domain in Bind DNS Server on CentOS
How to Block a Domain in Bind DNS Server on CentOS
Sep 26, 2017
How to Block a domain using RPZ on Bind DNS server on CentOS
How to Block a domain using RPZ on Bind DNS server on CentOS
Sep 28, 2017
How to set permanent DNS nameservers on Ubuntu 21.04
How to set permanent DNS nameservers on Ubuntu 21.04
Nov 2, 2021
How to set permanent DNS Nameserver on Linux Mint 20.2
How to set permanent DNS Nameserver on Linux Mint 20.2
Mar 30, 2023
How to Allow Domains by reverse DNS lookup in CSF on Rocky Linux 9.2
How to Allow Domains by reverse DNS lookup in CSF on Rocky Linux 9.2
Dec 6, 2023
How To Create And Use Custom Category On CTRLify
How To Create And Use Custom Category On CTRLify
Jan 7, 2025

Related Forums in Attackers Target Home Routers with DNS Hijacking

Related Forums in Attackers Target Home Routers with DNS Hijacking

CentOS Web Panel
robert class=
DNS server is not working on Centos Web Panel
Dec 29, 2017
Bind
issacjoseph class=
How to check bind configuration
Feb 4, 2018
nslookup
karljustin class=
nslookup command not working
Feb 6, 2018
DNS
david class=
Apt-get update Failed to fetch http://us.archive.ubuntu.com/ubuntu/dists/cosmic/InRelease Temporary failure resolving 'us.archive.ubuntu.com'
Apr 6, 2019
Bind
ismail class=
How to block particular websites in linux bind DNS
Sep 26, 2017
CentOS
stalkjonas class=
rndc key not found help
Mar 8, 2018
DNS
caden class=
Temporary failure in name resolution
Feb 27, 2021
Bind
keeljohnston class=
How to check bind Reverse Zone configuration
Mar 5, 2018

Related News in Attackers Target Home Routers with DNS Hijacking

Related News in Attackers Target Home Routers with DNS Hijacking

URL Attacks and The Ways to Stay Away from Them!
URL Attacks and The Ways to Stay Away from Them!
Mar 19, 2019
FIN7 still to be found via Astra tools even after arrests
FIN7 still to be found via Astra tools even after arrests
Mar 26, 2019
Streaming List of GPS Locations Exposed From Saudi Telecom Provider
Streaming List of GPS Locations Exposed From Saudi Telecom Provider
Dec 17, 2019
A Sneaky Ransomware That Seems Benificial. But Deceptive.
A Sneaky Ransomware That Seems Benificial. But Deceptive.
Apr 5, 2019
Pressing Cybersecurity issue in healthcare and how to mitigate it!
Pressing Cybersecurity issue in healthcare and how to mitigate it!
Mar 18, 2019
DMSniff POS Malware Thrives via DGA
DMSniff POS Malware Thrives via DGA
Mar 18, 2019
Gnosticplayers’ is back with breached data sale on the Dark Web
Gnosticplayers’ is back with breached data sale on the Dark Web
Mar 21, 2019
Popular SSH client PuTTY had serious key exchange vulnerability
Popular SSH client PuTTY had serious key exchange vulnerability
Mar 22, 2019
Back To Top!