DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
 
DarkVision Hardware - Daily tech news
November 19, 2018 
Main Menu
Home
Info
News archives
Articles
Howto
Reviews
 

Who's Online
There are currently 195 people online.

 

Latest Reviews
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller
 

Follow us
RSS
 

Router DNS attack injects ads when visiting websites with Google Analytics

Posted on Friday, March 27 2015 @ 14:52:40 CET by


Security researchers discovered a new type of router attack that injects ads on websites. In layman's terms, the attack works by hacking vulnerable routers to misdirect queries to poisoned DNS servers. Security firm Ara Labs notes the unique thing about this new attack is the use of Google Analytics as an attack vector.

When the router malware detects a query to Google's Analytics service, it spoofs the request by redirecting it to a rogue server instead of the legitimate Google server. Quite a lot of sites run Google Analytics so for attackers it's a very easy to approach to impact countless websites with minimal effort. When an infected router visits one of these sites, it will not pull the Google Analytics script but will instead serve ads or even porn.

The peculiar aspect of this attack is that it's hard to detect. Running a malware scan on your PC will detect nothing because there's nothing wrong on your computer. Few people know routers can be infected and even then it's probably the last place they'll look.
The malicious JavaScript has been detected injecting ads for various games as well as hardcore pornography. It’s a significant issue for multiple reasons — not only is it built off one of the most common analysis platforms around, it breaks style formatting at the “host” websites and injects ads and overlays that appear, to the end-user, to be officially sanctioned by the site in question. No amount of system reformatting or malware scans will find the error, since the problem is embedded in the router.


Source: at ExtremeTech



 



 

DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2018 DM Media Group bvba