Router Malware Spreads Banking Stealing Malware
Posted by: Timothy Weaver on 07/02/2015 09:40 AM
Symantec is tracking the spread of a dangerous virus called "Dyre," also known as "Upatre."
This piece of malware is highly dangerous; it can steal your banking passwords and infect your browsers.
It was being delivered in the normal malicious manner by an attachment to a spam email. It would take you to a hacker-run site that would attack your browser or trick you into downloading and running an infected file.
Once downloaded, it would infect your browser and send out spam containing the virus. However, the virus has moved beyond just infecting computers.
The researchers have seen hundreds of routers infected with Dyre that are communicating with hacker-run servers and sending out virus-filled spam. It is not clear how it is infecting the routers, but it is likely that the hackers are preying on the vulnerability inherent in factory-set passwords. Most new routers come with a default password that's the same for every unit of a given model.
Hackers have lists of router models and their default passwords, which means if you don't change your router's password you're just inviting hackers in.
Source: Komando
