New Attack Hijacks DNS Traffic From 300,000 Routers

nk497 writes "Florida-based security firm Team Cymru said it was examining a widespread compromise"of 300,000 consumer and small office/home office (SOHO) routers in Europe and Asia. The DNS server settings were changed to a pair of IP addresses, which correspond to Dutch machines that are registered to a company that lists its address in central London. The attack highlights the flaws in router firmware, the researchers said. 'It's not new as an issue to the InfoSec community but this is one of the biggest we've seen recently as it's quite insidious,' Cymru's Steve Santorelli said, adding the hack could let the attackers conduct man in the middle attacks, impersonating your bank, for example."

Re:Impersonating a bank is easy

[rebelwarlock]

That's forming a bank, not impersonating one.

Re:The report

[Anonymous Coward]

No I'm not!

Re:Exploit, or dumb users?

[TubeSteak]

Is this conducted via some common firmware exploit, or dumb users leaving default admin password in place?

FTFS: The attack highlights the flaws in router firmware

I'll admit, I'm a weirdo.
I read more than the headline before I comment.

Re:So how to impersonate a bank ?

[Anonymous Coward]

Alright wiseguy, share with us details on how to impersonate a bank then ...

https://www.mtgox.com/ [mtgox.com]