Did you like this?
friends and colleagues.
By: Dan Goodin, Ars Technica
Millions of Internet users in Brazil have fallen victim to a sustained attack that exploited vulnerabilities in DSL modems, forcing people visiting sites such as Google or Facebook to reach imposter sites that installed malicious software and stole online banking credentials, a security researcher said.
The attack, described late last week during a presentation at the Virus Bulletin conference in Dallas, infected more than 4.5 million DSL modems, said Kaspersky Lab Expert Fabio Assolini, citing statistics provided by Brazil's Computer Emergency Response Team. The CSRF (cross-site request forgery) vulnerability allowed attackers to use a simple script to steal passwords required to remotely log in to and control the devices. The attackers then configured the modems to use malicious domain name system servers that caused users trying to visit popular websites to instead connect to booby-trapped imposter sites.
Related Business News Articles
Kaspersky Security for Storage Certified with Dell EMC FluidFS v6Learn more >
Kaspersky Lab experts have studied the DDoS services available on the black market and determined just how far the illegal business has advanced, as well as the extent of its popularity and profitability.Learn more >
Kaspersky Lab North America Sponsors Woburn Elementary School’s Freedom Trail® Scholars Program Visit
Kaspersky Lab North America will sponsor Shamrock Elementary School’s fifth grade students as they participate in the Freedom Trail® Foundation Scholars Program.Learn more >