Hijack attack aims to grab bank details via routers

Researchers at DDoS protection specialist Radware have uncovered an attack aimed at Brazilian bank customers that seeks to steal credentials via a compromised router. It employs malware that targets DLink DSL modem routers using exploits dating back to 2015. A malicious agent attempts to modify the DNS server settings in the routers of Brazilian residents, redirecting all their DNS requests through a malicious server. The malicious DNS server is then hijacking requests for the host name of Banco de Brasil and redirecting to a fake, cloned website hosted on the same malicious DNS server, which has no connection whatsoever to the… [Continue Reading]