Personal tools
You are here: Home wikidblog "Drive-by Pharming" seen in the wild
« January 2009 »
Mo Tu We Th Fr Sa Su
      1 2 3 4
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29 30 31  
 
2008/01/24

"Drive-by Pharming" seen in the wild

Symantec has spotted Drive-by pharming attacks in the wild

In one real-life variant that we observed, the attackers embedded the malicious code inside an email that claimed it had an e-card waiting for you at the Web site gusanito.com. Unfortunately the email also contained an HTML IMG tag that resulted in an HTTP GET request being made to a router (the make of which is a popular router model in Mexico). The GET request modified the router’s DNS settings so that the URL for a popular Mexico-based banking site (as well as other related domains) would be mapped to an attacker’s Web site.
Attacks like these point out the need for mutual authentication in addition to two-factor authentication for sessions.

Category(s)
Two Factor Authentication
Authentication Attacks
Mutual Authentication
Add comment

You can add a comment by filling out the form below. Plain text formatting. Comments and Trackbacks are moderated.

(Required)
(Required)
(Required)
(Required)
This helps us prevent automated spamming.

Start using WiKID today
Got Questions? Get Answers.