Microsoft Switzerland Security Blog

Security informations brought to you by the Swiss Security Team.

New Zlob variant reconfigures routers

New Zlob variant reconfigures routers

  • Comments 2
  • Likes

A variant of the Zlob virus has emerged that can tweak DNS entries on standard commercial routers from an infected Windows PC. It uses a built-in list of standard router usernames and passwords. Successful attacks have already been observed on Linksys BEFSX41 routers and a Buffalo router using DD-WRT open source firmware.

Attackers can then redirect all internet traffic to their own servers. For the criminals, the advantage to manipulating a router is that it is more difficult for normal users to detect than an attack against a PC. The virus makes its way onto the computer by posing as a video codec, palmed off on users by malicious web sites.




Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment