Posted on the Symantec Website by Zulfikar Ramzan
I wanted to talk about a recent new attack, called Drive-By Pharming, which I co-developed with Sid Stamm and Markus Jakobsson of the Indiana University School of Informatics. It allows attackers to create a Web page that, simply when viewed, results in substantive configuration changes to your home broadband router or wireless access point. As a result, attackers gain complete control over the conduit by which you surf the Web, allowing them to direct you to sites they designed (no matter what Web address you direct your Web browser to).
I believe this attack has serious widespread implications and affects many millions of users worldwide. Fortunately, this attack is easy to defend against as well. In this blog entry, I’ll describe the attack, mention some prior related work, and then go over best practices.
No comments:
Post a Comment