Select Page

DNSChanger Exploit Targets Routers Through Web Browsers

Proofpoint recently discovered a variant of the DNSChanger exploit kit (EK), which is commonly used in malvertising campaigns. The latest version infects physical internet routers through web browsers. But instead of poking holes in a victim’s browser or computer, DNSChanger exploits vulnerabilities in the router itself.

The method of the attack is fairly sophisticated in execution. It starts when a cybercriminal buys legitimate ad space on a website and posts a file that has been poisoned with JavaScript. At first, the JavaScript simply makes a Web Real-Time Communication (WebRTC) request directed at a Mozilla STUN server that will be able to deliver the victim’s local IP address.

Download your "Special Report on Passwords and Password Security"

You have Successfully Subscribed!

The Next Masterclass is Coming Soon!

Fill out the form below and be notified as soon as the registration for the next Masterclass opens.

Thank you, we'll notify you as soon as the Masterclass registration opens!