Slashdot Mirror

← Back to Stories (view on slashdot.org)

Drive-By Pharming In the Wild

Posted by kdawson on from the just-change-the-default-password-already dept.

An anonymous reader writes "Symantec reported Tuesday that the first case of drive-by pharming, in which a hacker changes the DNS settings on a customer's broadband router or wireless access point and directs the link to a fraudulent Web site, has been observed in the wild. The first drive-by pharming attack has been observed against a Mexican bank: 'It's associated with an e-mail pretending to be from a legitimate Spanish-language e-greeting card company, Gusanito.com,' says Symantec Security Response principal researcher Zulfikar Ramzan. Inside the e-mail is an HTML image tag but instead of displaying images, it sends a request to the home router to tamper with it."

1 of 205 comments (clear)

  1. Re:Pfft by Kalriath · · Score: 0, Redundant

    Um, yeah. "Has a default password" should read "has a changed default password". I've been drinking recently, and have a bit of a headache, so sue me.

    Not literally, you crazy US folks.

    (Seriously Slashdot, it requires pretty much the same fucking processing power to tell me "slow down cowboy" as to just write the fucking comment to the DB... your comment wait time is a complete waste of resources)

    --
    For a site about things like basic rights, Slashdot users sure do like to censor "dissent".