Trojan accesses routers to alter DNS data
July 1st, 2008. Published under Uncategorized. No Comments.
Hackaday.com posted this a few weeks ago, but it is still worth mentioning. A variant of the trojan ZLOB attempts to access your router by trying default admin accounts and passwords of commonly used routers. If successful, the trojan will alter the DNS info to route traffic through the malicious servers, which would happen seamlessly to you, of course.
Juan makes a good point in his post, specifying that if the computer is cleaned of any malware, the already-compromised router would still be compromised, unbeknowest of you.