Sciweavers

ICICS
2007
Springer

Drive-By Pharming

14 years 6 months ago
Drive-By Pharming
Inexpensive broadband routers are a popular way for people to create an internal, and sometimes wireless, network in their homes. By purchasing such a router and plugging it in, they can have a network set up in seconds. Unfortunately, by visiting a malicious web page, a person can inadvertently open up his router for attack; settings on the router can be changed, including the DNS servers used by the members of this small, quickly erected internal network. In this paper, we describe how a web site can attack home routers from the inside and mount sophisticated pharming attacks that may result in denial of service, malware infection, or identity theft among other things. Our attacks do not exploit any vulnerabilities in the user’s browser. Instead, all they require is that the browser run JavaScript and Java Applets. We also propose countermeasures to defeat this type of malware — new methods that must be used since the traditional technique of employing client-side security softw...
Sid Stamm, Zulfikar Ramzan, Markus Jakobsson
Added 08 Jun 2010
Updated 08 Jun 2010
Type Conference
Year 2007
Where ICICS
Authors Sid Stamm, Zulfikar Ramzan, Markus Jakobsson
Comments (0)