Drive-By Pharming Remotely Kidnaps Surfers

Discussion in 'Off Topic' started by New Cell, Feb 28, 2007.

Thread Status:
Not open for further replies.
  1. New Cell

    New Cell Unleashed Enigma

    Messages:
    3,627
    Likes Received:
    4
    Trophy Points:
    198
    A new exploit is called drive-by pharming. In traditional pharming, a host files on a computer or a manipulation of the domain name server (DNS) leads the victim to a bogus Web site. In a drive-by pharming attack, an unprotected broadband router or wireless access point (WAP) is manipulated and requests to legitimate Web sites are waylaid to bogus sites. The difference is that the newer attacks, which have been identified by Symantec and the Indiana University School of Informatics, are done remotely...
    Drive-by pharming attacks can only be executed when the router either isn't password protected or when the attacker knows or can guess the password. Once the victim clicks on the link, JavaScript is used to change the DNS setting. From that point on, the user thinks he or she is at the legitimate site…

    Link: http://www.newsfactor.com/story.xhtml?story_id=100003G4AEXK
     
  2. r0k

    r0k Dazed

    Messages:
    9,750
    Likes Received:
    1,264
    Trophy Points:
    288
    Wow. Now that's scary. My only question is... If you're smart enough to remotely configure somebody's router, why are you driving around my subdivision surfing for my over-the-limit credit card numbers when you could be working as a highly paid security consultant?
     
  3. Curious Cat

    Curious Cat Mobile Deity Super Moderator

    Messages:
    2,661
    Likes Received:
    7
    Trophy Points:
    238
    Because they failed their Project Management Professional certification test. Probably the part that states, "Agreed to abide by a professional code of conduct". :rolleyes: :D
     
  4. RickAgresta

    RickAgresta Peanut, leader of the Peanutty Forces

    Messages:
    21,762
    Likes Received:
    19,139
    Trophy Points:
    288
    key word is working; some folks ju&t don't go for the 9-5 routine. Or, maybe they don't know about that possibility…nah!
     
Thread Status:
Not open for further replies.

Share This Page