Latest in Bug

Image credit:

Researcher creates malicious, router-controlling website

Share
Tweet
Share
Save

Sponsored Links


Like having control of your connection to the internet? Don't tell Dan Kaminsky that -- the researcher has developed a method of DNS attack utilizing typical D-Link or Linksys routers that can allow hackers to gain command of your gear. The winner-takes-all maneuver, which is called a "DNS rebinding attack," functions by putting JavaScript into play that fools your browser into altering your router's configuration, thus letting the operator remotely administer the device. The concept isn't water-tight, as it takes advantage of easily-guessable router admin passwords, though Kaminsky says the enabling bug exists as a "core issue" for browsers. The attack will be showcased at tomorrow's RSA security conference, where it's hoped the demonstration will raise awareness about router security vulnerability. In the meantime, we suggest you change that default password.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Share
Tweet
Share
Save

Popular on Engadget

Engadget’s guide to Home Entertainment

Engadget’s guide to Home Entertainment

View
'League of Legends: Wild Rift' will land on mobile and consoles in 2020

'League of Legends: Wild Rift' will land on mobile and consoles in 2020

View
Riot celebrates ten years of 'LoL' by finally announcing new games

Riot celebrates ten years of 'LoL' by finally announcing new games

View
Watch Tesla's crash test lab wreck Model 3s to make them safer

Watch Tesla's crash test lab wreck Model 3s to make them safer

View
TiVo's 'free' streaming service starts rolling out

TiVo's 'free' streaming service starts rolling out

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr