DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!
   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
DarkVision Hardware - Daily tech news
July 21, 2019 
Main Menu
News archives

Who's Online
There are currently 176 people online.


Latest Reviews
Ewin Racing Flash gaming chair
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset

Follow us

Router DNS attack injects ads when visiting websites with Google Analytics

Posted on Friday, March 27 2015 @ 14:52:40 CET by

Security researchers discovered a new type of router attack that injects ads on websites. In layman's terms, the attack works by hacking vulnerable routers to misdirect queries to poisoned DNS servers. Security firm Ara Labs notes the unique thing about this new attack is the use of Google Analytics as an attack vector.

When the router malware detects a query to Google's Analytics service, it spoofs the request by redirecting it to a rogue server instead of the legitimate Google server. Quite a lot of sites run Google Analytics so for attackers it's a very easy to approach to impact countless websites with minimal effort. When an infected router visits one of these sites, it will not pull the Google Analytics script but will instead serve ads or even porn.

The peculiar aspect of this attack is that it's hard to detect. Running a malware scan on your PC will detect nothing because there's nothing wrong on your computer. Few people know routers can be infected and even then it's probably the last place they'll look.
The malicious JavaScript has been detected injecting ads for various games as well as hardcore pornography. It’s a significant issue for multiple reasons — not only is it built off one of the most common analysis platforms around, it breaks style formatting at the “host” websites and injects ads and overlays that appear, to the end-user, to be officially sanctioned by the site in question. No amount of system reformatting or malware scans will find the error, since the problem is embedded in the router.

Source: at ExtremeTech



DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2019 DM Media Group bvba