Drive-By Pharming In the Wild

An anonymous reader writes "Symantec reported Tuesday that the first case of drive-by pharming, in which a hacker changes the DNS settings on a customer's broadband router or wireless access point and directs the link to a fraudulent Web site, has been observed in the wild. The first drive-by pharming attack has been observed against a Mexican bank: 'It's associated with an e-mail pretending to be from a legitimate Spanish-language e-greeting card company, Gusanito.com,' says Symantec Security Response principal researcher Zulfikar Ramzan. Inside the e-mail is an HTML image tag but instead of displaying images, it sends a request to the home router to tamper with it."

Definition?

[WarJolt]

What does "drive-by" have to do with this kind of hack? Oh sure we've all logged into neighbors wireless routers and snickered because they've left the default password. Somehow I think "drive-by" part was coined by a guy who thought of exploiting unsecured wireless routers and changing DNS settings. Am I the only one who doesn't think "drive-by" applies to this kind of attack?

British Telecom Home Hub

[ddrichardson]

Anyone else notice that BT are taking this seriously - log on to the router's home page and it tells you they have changed the default admin password (well it will when you enter the unit's serial number as the admin password.

Re:Enough with the default passwords.

[blair1q]

Because software can pop up a box on your screen saying "go look for the sticker on the box and type the letters and numbers (and maybe the dashes or maybe not, your guess is as good as ours) you see there into this box here then click the button that says 'OK'".

Hardware says "blink"..."blink"..."blink"... and user calls customer support, adding $10 to the cost of every sale.