For HomeFor BusinessFor Partners
Industry News
2 min read

Criminals Clear Bank Account through DNS Redirections on Home Routers

Loredana BOTEZATU

February 07, 2014

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Criminals Clear Bank Account through DNS Redirections on Home Routers

Fraudsters redirect users` bank-related queries to phishing webpages and steal their banking login data by exploiting vulnerabilities in home routers, according to security researchers of Poland`s Computer Emergency Response Team (CERT Polska).

Hackers use the software bugs to remotely modify the router DNS setting. Every time users from inside the network attempt to connect to an online banking service, they land on a fake banking page.

Scammers steal users` log-in data the moment they type their username, passwords and TANs (transaction authentication numbers) into the counterfeited login forms, which then forward the data to the legitimate bank, but, most likely, modify the recipient`s account and amount of money. The transaction is then validated with the MTAN entered by the user. All this time, the entire transaction is forged. The result is unauthorized withdrawal from the victims` accounts.

Apparently, the attack only works with banking transactions originating from browsers, and not dedicated e-banking applications, because the latter would check the SSL certificate and fail.

This attack works no matter the device used to connect to the online banking accounts. The redirect is done at router level.

“The attack is possible due to several vulnerabilities in home routers that make DNS configuration susceptible to unauthorized remote modifications. The effects propagate to all users in local networks, regardless of hardware and system platform (provided they acquire DNS configuration from the router),” CERT Polska writes on its website.

How to prevent such attacks?

  • Make sure your routers are not accessible via the Internet.
  • When purchasing a home router, immediately change its default username and password to unique ones.
  • Regularly check for firmware updates and make sure you are using the most recent software for your router. Routers do not get automatic updates like operating systems, so do that manually ” look for and install the updates on the vendor`s page.
  • When you connect to a money-related webpage, manually type in the domain name and check for the signs of a secure connection ” a locked padlock and the presence of HTTPS.
  • All Polish users suspecting foul play should contact immediately CERT POLSKA at the following link and let them know about your suspicions.

tags

Industry News

Author

Loredana BOTEZATU

Loredana BOTEZATU

A blend of product manager and journalist with a pinch of e-threat analysis, Loredana writes mostly about malware and spam. She believes that most errors happen between the keyboard and the chair.

View all posts

Right now Top posts

Spam trends of the week: Crypto giveaways, false prophets, Fintech phishing scams and more hit user inboxes worldwide
Scam Spam

Spam trends of the week: Crypto giveaways, false prophets, Fintech phishing scams and more hit user inboxes worldwide

April 19, 2024

5 min read
Start Cyber Resilience and Don’t Be an April Fool This Spring and Beyond
Scam How to Tips and Tricks

Start Cyber Resilience and Don’t Be an April Fool This Spring and Beyond

April 01, 2024

2 min read
Spam trends of the week: Cybercrooks phish for QuickBooks, American Express and banking accounts
Spam Industry News Threats

Spam trends of the week: Cybercrooks phish for QuickBooks, American Express and banking accounts

November 28, 2023

4 min read
Protecting your important: Stick to these 8 cybersecurity tips for safe Black Friday and Cyber Monday deal hunting
Protecting Your Important How to Tips and Tricks

Protecting your important: Stick to these 8 cybersecurity tips for safe Black Friday and Cyber Monday deal hunting

November 08, 2023

4 min read

FOLLOW US ON SOCIAL MEDIA

You might also like

UK Becomes First Country to Ban IoT Devices with Default Passwords
Industry News Smart Home

UK Becomes First Country to Ban IoT Devices with Default Passwords
Silviu STAHIE

April 30, 2024

2 min read
London Drugs Closes Stores after Run-in with Hackers
Industry News

London Drugs Closes Stores after Run-in with Hackers
Filip TRUȚĂ

April 30, 2024

2 min read
Belarusian KGB Website Hacked, Employee Information Stolen
Industry News Digital Privacy

Belarusian KGB Website Hacked, Employee Information Stolen
Silviu STAHIE

April 30, 2024

1 min read

Bookmarks

loader