Latest in Bug

Image credit:

Researcher creates malicious, router-controlling website

Share
Tweet
Share
Save

Sponsored Links


Like having control of your connection to the internet? Don't tell Dan Kaminsky that -- the researcher has developed a method of DNS attack utilizing typical D-Link or Linksys routers that can allow hackers to gain command of your gear. The winner-takes-all maneuver, which is called a "DNS rebinding attack," functions by putting JavaScript into play that fools your browser into altering your router's configuration, thus letting the operator remotely administer the device. The concept isn't water-tight, as it takes advantage of easily-guessable router admin passwords, though Kaminsky says the enabling bug exists as a "core issue" for browsers. The attack will be showcased at tomorrow's RSA security conference, where it's hoped the demonstration will raise awareness about router security vulnerability. In the meantime, we suggest you change that default password.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Share
Tweet
Share
Save

Popular on Engadget

Readers weigh in on what makes the OnePlus 7 Pro a worthy contender

Readers weigh in on what makes the OnePlus 7 Pro a worthy contender

View
Magic Leap reportedly only sold 6,000 AR headsets in six months

Magic Leap reportedly only sold 6,000 AR headsets in six months

View
AI-powered Lego sorter knows the shape of every brick

AI-powered Lego sorter knows the shape of every brick

View
Researchers create bone-inspired 3D-printed building materials

Researchers create bone-inspired 3D-printed building materials

View
'Death Stranding' update will fix tiny, hard-to-read text

'Death Stranding' update will fix tiny, hard-to-read text

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr