Drive-By Pharming: This Nasty Attack Technique Looks Significant
The first time I learned of the concept of drive-by pharming was when reading about a presentation given by application security expert Jeremiah Grossman at Black Hat in mid-2006. It's a concerning attack technique, not just because it enables an attacker to do nasty things, but also because of how passively Web users can become victimized. Until very recently, this attack was merely theoretical.
January 23, 2008
The first time I learned of the concept of drive-by pharming was when reading about a presentation given by application security expert Jeremiah Grossman at Black Hat in mid-2006. It's a concerning attack technique, not just because it enables an attacker to do nasty things, but also because of how passively Web users can become victimized. Until very recently, this attack was merely theoretical.According to security firm Symantec, it has seen the attack under way in the real world. And in order to get nailed with this, all you need is to have the factory-set password in place, and click on the wrong Web page, or simply view the wrong e-mail, since the attack is most often inflicted through specially crafted HTML or JavaScript.
The attacker then reconfigures the targeted router's DNS server settings. Now, the attacker effectively controls the victim's Internet connection. According to Symantec, the attack they spotted redirects users trying to access a popular Mexican bank's Web site in Mexico to a malicious Web site instead.
That makes this attack so dangerous to not only anyone who has failed to reset their factory router passwords, but anyone who visits a site managed by anyone who also has failed to do the same.
On its blog, Symantec goes into more detail, and lists some things that can be done to protect yourself. Things that should already have been done in the first place: stay away from untrustworthy sites, don't blindly click links in e-mail, and change the default router password. Let's hope many home users and business do the latter. Like, now.
About the Author
You May Also Like
A Cyber Pros' Guide to Navigating Emerging Privacy Regulation
Dec 10, 2024Identifying the Cybersecurity Metrics that Actually Matter
Dec 11, 2024The Current State of AI Adoption in Cybersecurity, Including its Opportunities
Dec 12, 2024Cybersecurity Day: How to Automate Security Analytics with AI and ML
Dec 17, 2024The Dirt on ROT Data
Dec 18, 2024