Attackers could change the configuration of home routers using JavaScript code, security researchers at Indiana University and Symantec have discovered. The researchers first published their work in December, but Symantec publicized the findings on Thursday.
The researchers found that it is possible to change the DNS, or Domain Name System, settings of a router if the owner uses a connected PC to view a Web page with the JavaScript code. This DNS change lets the attacker divert all the Net traffic going through the router. For example, if the victim types in "www.mybank.com," the request could be sent to a similar-looking fake page created to steal sensitive data.
"I have been able to get this to work on Linksys, D-Link and Netgear routers," Symantec researcher Zulfikar Ramzan said. "You can create one Web site that is able to attack all routers. My feeling is that it is just a matter of time before phishers start using this."
After a router's DNS setting is changed, all computers connected to the device will use the DNS server set up by the attacker to find their way on the Internet. DNS functions like the phonebook of the Internet, mapping text-based addresses such as www.news.com to actual numeric Internet Protocol addresses of a Web site.
JavaScript code could hack some home routers
Posted on Sunday, February 18 2007 @ 13:16 CET by Thomas De MaesschalckSecurity experts warn that some lines of JavaScript could allow hackers to change setting of poorly configured home routers.
