Drive-By Pharming In the Wild

Posted by kdawson on Tuesday January 22, 2008 @11:08AM from the just-change-the-default-password-already dept.

An anonymous reader writes "Symantec reported Tuesday that the first case of drive-by pharming, in which a hacker changes the DNS settings on a customer's broadband router or wireless access point and directs the link to a fraudulent Web site, has been observed in the wild. The first drive-by pharming attack has been observed against a Mexican bank: 'It's associated with an e-mail pretending to be from a legitimate Spanish-language e-greeting card company, Gusanito.com,' says Symantec Security Response principal researcher Zulfikar Ramzan. Inside the e-mail is an HTML image tag but instead of displaying images, it sends a request to the home router to tamper with it."

1 of 205 comments (clear)

Min score:

Reason:

Sort:

Definition? by WarJolt · 2008-01-22 11:23 · Score: 5, Interesting

What does "drive-by" have to do with this kind of hack? Oh sure we've all logged into neighbors wireless routers and snickered because they've left the default password. Somehow I think "drive-by" part was coined by a guy who thought of exploiting unsecured wireless routers and changing DNS settings. Am I the only one who doesn't think "drive-by" applies to this kind of attack?