Article 5185K New attack on home routers sends users to spoofed sites that push malware

New attack on home routers sends users to spoofed sites that push malware

by
Dan Goodin
from Ars Technica - All content on (#5185K)
linksys-800x451.jpg

Enlarge (credit: Wikipedia)

A recently discovered hack of home and small-office routers is redirecting users to malicious sites that pose as COVID-19 informational resources in an attempt to install malware that steals passwords and cryptocurrency credentials, researchers said on Wednesday.

A post published by security firm Bitdefender said the compromises are hitting Linksys routers, although BleepingComputer, which reported the attack two days ago, said the campaign also targets D-Link devices.

It remains unclear how attackers are compromising the routers. The researchers, citing data collected from Bitdefender security products, suspect that the hackers are guessing passwords used to secure routers' remote management console when that feature is turned on. Bitdefender also hypothesized that compromises may be carried out by guessing credentials for users' Linksys cloud accounts.

Read 10 remaining paragraphs | Comments

index?i=hZruurXYHKU:ik7AX_l9IV4:V_sGLiPB index?i=hZruurXYHKU:ik7AX_l9IV4:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments