Sophisticated phishing malicious malware software now uses DNS to

Sophisticated phishing malicious malware software now uses DNS to

am 31.01.2008 14:50:50 von gomezpedro01

Sophisticated phishing malicious malware software now uses DNS to
direct users to fraudulent sites

http://www.itvendorsdirectory.ca/Online-Resources/sophistica ted-phishing-malicious-malware-software-now-uses-dns-to-dire ct-users-to-fraudulent-sites.html

Re: Sophisticated phishing malicious malware software now uses DNS to ?direct users to fraudulent si

am 31.01.2008 16:05:50 von Ansgar -59cobalt- Wiechers

gomezpedro01 wrote:
> Sophisticated phishing malicious malware software now uses DNS to
> direct users to fraudulent sites
>
> http://www.itvendorsdirectory.ca/Online-Resources/sophistica ted-phishing-malicious-malware-software-now-uses-dns-to-dire ct-users-to-fraudulent-sites.html

*sigh*

When a phisher (or any other attacker) can tamper with your DNS settings
(or hosts file or whatever) you have far more serious problems than a
phishing attempt.

On every reasonably configured system this is a non-issue, because
normal users simply cannot tamper with these settings.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich

Re: Sophisticated phishing malicious malware software now uses DNS to ?direct users to fraudulent si

am 31.01.2008 16:56:29 von Victek

>> Sophisticated phishing malicious malware software now uses DNS to
>> direct users to fraudulent sites
>>
>> http://www.itvendorsdirectory.ca/Online-Resources/sophistica ted-phishing-malicious-malware-software-now-uses-dns-to-dire ct-users-to-fraudulent-sites.html
>
> *sigh*
>
> When a phisher (or any other attacker) can tamper with your DNS settings
> (or hosts file or whatever) you have far more serious problems than a
> phishing attempt.
>
> On every reasonably configured system this is a non-issue, because
> normal users simply cannot tamper with these settings.
>
> cu
> 59cobalt

One version of this scenario is a hacker gets into the home router settings
because the user hasn't changed the default password and changes the DNS
server settings there. I don't know how vulnerable routers are to this
possibility, but it motivated motivated me to set a seriously hardened
password on the configuration.

Re: Sophisticated phishing malicious malware software now uses DNS to ?direct users to fraudulent si

am 31.01.2008 17:27:12 von Ansgar -59cobalt- Wiechers

Victek wrote:
>> When a phisher (or any other attacker) can tamper with your DNS
>> settings (or hosts file or whatever) you have far more serious
>> problems than a phishing attempt.
>>
>> On every reasonably configured system this is a non-issue, because
^^^^^^^^^^^^^^^^^^^^^
>> normal users simply cannot tamper with these settings.
>
> One version of this scenario is a hacker gets into the home router
> settings because the user hasn't changed the default password and
> changes the DNS server settings there.

I underlined the operative words for your convenience. "Default
password" does not match the criteria.

> I don't know how vulnerable routers are to this possibility,

They are.

> but it motivated motivated me to set a seriously hardened password on
> the configuration.

Good idea. You should also disable UPnP.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich