Sophisticated phishing malicious malware software now uses DNS to
direct users to fraudulent sites

http://www.itvendorsdirectory.ca/Online-Resources/sophisticated-phishing-malicious-malware-software-now-uses-dns-to-direct-users-to-fraudulent-sites.html

gomezpedro01 <gomezpedro01@gmail.com> wrote:
> Sophisticated phishing malicious malware software now uses DNS to
> direct users to fraudulent sites
>
> http://www.itvendorsdirectory.ca/Online-Resources/sophisticated-phishing-malicious-malware-software-now-uses-dns-to-direct-users-to-fraudulent-sites.html

*sigh*

When a phisher (or any other attacker) can tamper with your DNS settings
(or hosts file or whatever) you have far more serious problems than a
phishing attempt.

On every reasonably configured system this is a non-issue, because
normal users simply cannot tamper with these settings.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich

>> Sophisticated phishing malicious malware software now uses DNS to
>> direct users to fraudulent sites
>>
>> http://www.itvendorsdirectory.ca/Online-Resources/sophisticated-phishing-malicious-malware-software-now-uses-dns-to-direct-users-to-fraudulent-sites.html
>
> *sigh*
>
> When a phisher (or any other attacker) can tamper with your DNS settings
> (or hosts file or whatever) you have far more serious problems than a
> phishing attempt.
>
> On every reasonably configured system this is a non-issue, because
> normal users simply cannot tamper with these settings.
>
> cu
> 59cobalt

One version of this scenario is a hacker gets into the home router settings
because the user hasn't changed the default password and changes the DNS
server settings there. I don't know how vulnerable routers are to this
possibility, but it motivated motivated me to set a seriously hardened
password on the configuration.

Victek <victek@invalid.invalid> wrote:
>> When a phisher (or any other attacker) can tamper with your DNS
>> settings (or hosts file or whatever) you have far more serious
>> problems than a phishing attempt.
>>
>> On every reasonably configured system this is a non-issue, because
^^^^^^^^^^^^^^^^^^^^^
>> normal users simply cannot tamper with these settings.
>
> One version of this scenario is a hacker gets into the home router
> settings because the user hasn't changed the default password and
> changes the DNS server settings there.

I underlined the operative words for your convenience. "Default
password" does not match the criteria.

> I don't know how vulnerable routers are to this possibility,

They are.

> but it motivated motivated me to set a seriously hardened password on
> the configuration.

Good idea. You should also disable UPnP.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich