NEW YORK: Drive-by pharming is the latest method adopted by cyber criminals to exploit vulnerabilities on the networks and fleece unwary internet users.
Security services firm Symantec Corp has warned that unsecured wireless routers are vulnerable to these attacks and there could be material losses as a result of such attacks.
The company's Security Response, in association with Indiana University School of Informatics, has carried out a study on pharming and has found that the attackers adopted dangerous methods that not only directed users to malicious sites, but also permanently changed router settings, thereby exposing the victims to continuous attacks.
Nearly 50 per cent of all home broadband users are susceptible to the threat, said Symantec. It advises users to change their default router passwords and employ a multilayered security strategy.
The criminals have concentrated on home routers, especially those using default settings and passwords, said Symantec, which can be reconfigured and directed to malicious websites.
In traditional pharming, an attacker redirects a user to a bogus website that contains malicious code. These attacks can be triggered either by changing the host file on a victim's PC or by manipulating a domain name system (DNS) server.
However, in the new pharming attacks, when a user visits a malicious website, the attacker is able to remotely change the DNS settings on the broadband router or wireless Relevant Products/Services access point and reroute requests for legitimate sites -- like online banking sites or financial institutions -- to bogus sites and then steal the login information. People can lose their hard-earned money by the nefarious activities of the criminals, Symantec said.
Oliver Friedrichs, director of Symantec Security Response, said in a statement the research exposes a problem affecting millions of broadband users worldwide. Because of the ease by which drive-by pharming attacks can be launched, it is vital that consumers adequately protect their broadband routers and wireless access points today.
Symantec has also advised router manufacturers to change their system of giving default passwords so that each router can be set up with a unique password.
