The Broadband Guide
SG
search advanced
 Username:
 Password:
Register
 forgot password?

D-Link routers targeted in DNS hacking campaign

2019-04-05 17:33 by
Tags: ,

 

An ongoing DNS hacking campaign is targeting consumer network routers, according to security researchers at Bad Packets. Mainly D-Link routers are affected. Four other brands are on the hit list: ARGTek (China), DSLink (apparently Brazil), Secutech (Venezuela) and TOTOLINK (China).

The attackers' goal was to change the target routers' DNS settings to point to various rogue DNS servers, so that users may be redirected to malicious IPs (e.g., fake bank websites). The researchers identified three waves which took place between December last year and the end of March this year, detailed in a blog.

The first wave was launched Dec. 29 and targeted D-Link DSL-2640B, D-Link DSL-2740R, D-Link DSL-2780B and D-Link DSL-526B, redirecting their traffic to a rogue DNS server in Canada. The second wave of attacks, launched Feb. 6, also targeted these same types of D-Link modems and was also redirecting traffic to a DNS server in Canada.

The third and latest wave, on March 26, targeted ARG-W4 ADSL routers, DSLink 260E routers, Secutech routers, and TOTOLINK routers. This campaign redirected traffic to two rogue DNS servers, both hosted in Russia.

Owners of targeted routers are advised to check whether their router's DNS settings have been tampered with (the rogue DNS servers used in this campaign are/were located at 66.70.173.48, 144.217.191.145, 195.128.126.165 and 195.128.124.131) and, if they have, to change them to one of the legitimate, public DNS resolvers. Those who haven't been affected should make sure to have the latest firmware available installed.

Read more -here-

 

  Post your review/comments
    rate:
   avg:
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About