Friday, September 11th, 2020 | Cyber Threats

GhostDNS is a platform developed to help attackers find vulnerable SOHO routers and change the DNS settings of the ones found to be vulnerable to attack. This allows attackers to reroute traffic to malicious websites and could even allow attackers to compromise financial login information.

The attackers utilize two DNS servers, the first being a ‘rogue’ server which redirects requests for specific websites, typically banking related, to phishing pages. The second is a legitimate DNS server, typically Google’s public DNS server, which is used to handle all other requests for sites that the affected user may visit. This allows the attackers to remain undetected for long periods of time, as there isn’t any noticeable difference from the affected user’s point of view.

Based on analysis of GhostDNS’ source code, researchers were able to identify 20 rogue DNS servers, which you can find at the end of this article under the Indicators of Compromise section. Further analysis has also revealed 12 websites that were actively targeted in the phishing campaign. This data shows that along with banking data, attackers are also interested in obtaining possible email credentials, as well as account information for services like Netflix and PayPal.

The botnet works by performing automated scans for the IP addresses of routers that use a weak password or no password at all, accessing the routers’ settings, and then changing the router’s default DNS address to the one controlled by the attackers.

In order to protect yourself from such an attack, it is highly recommended that all routers be upgraded to the latest version of their firmware and that a strong password be set for the router’s web portal. It is also recommended that you disable remote administration on any routers and hardcode a trusted DNS server into your router or operating system, such as Google’s 8.8.8.8 or 8.8.4.4.
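A defender-side check for the DNS tampering described above, as an added example that is not from the original article: it classifies the resolvers in a resolv.conf-style file against the trusted addresses the article names, and flags domains whose answers via the router share nothing with a trusted resolver's answers. The file contents, domains and answer sets are constructed sample data, the local address ranges are an assumption about a typical home network, and the function names are hypothetical.

```python
import ipaddress

TRUSTED = {"8.8.8.8", "8.8.4.4"}  # trusted resolvers named in the article
# Ranges where a resolver is the router or a local stub (assumed home LAN).
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "fe80::/10", "fc00::/7")]

def audit_resolvers(resolv_conf, trusted=TRUSTED):
    """Classify every 'nameserver' entry of a resolv.conf-style file."""
    findings = []
    for line in resolv_conf.splitlines():
        parts = line.split("#", 1)[0].split()
        if len(parts) < 2 or parts[0] != "nameserver":
            continue
        try:
            ip = ipaddress.ip_address(parts[1])
        except ValueError:
            findings.append((parts[1], "invalid"))
            continue
        if str(ip) in trusted:
            verdict = "trusted"
        elif any(ip in net for net in LOCAL_NETS):
            # The client only sees the forwarder; the upstream DNS that
            # the botnet rewrites lives in the router's own settings.
            verdict = "local-forwarder"
        else:
            verdict = "unexpected"
        findings.append((str(ip), verdict))
    return findings

def selective_divergence(via_router, via_trusted):
    """Domains whose answers via the router share no address with a
    trusted resolver's answers. CDNs can differ legitimately, so a hit
    is a lead to verify, not proof of hijacking."""
    return sorted(d for d, ips in via_router.items()
                  if ips and d in via_trusted
                  and not set(ips) & set(via_trusted[d]))

# Constructed sample data (documentation address ranges, .example names).
SAMPLE_CONF = """# constructed sample
nameserver 192.168.1.1
nameserver 203.0.113.53  # not on the allowlist
nameserver 8.8.8.8
"""
VIA_ROUTER = {"bank.example": {"198.51.100.7"}, "news.example": {"192.0.2.10"}}
VIA_TRUSTED = {"bank.example": {"192.0.2.80"},
               "news.example": {"192.0.2.10", "192.0.2.11"}}

if __name__ == "__main__":
    print(audit_resolvers(SAMPLE_CONF))
    print(selective_divergence(VIA_ROUTER, VIA_TRUSTED))
```

Because the rogue server only rewrites answers for targeted sites, the comparison is most useful when the watchlist contains the banking, email and payment domains you actually use.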