A malicious campaign deployed by cybercriminals aims at changing the Domain Name System (DNS) server settings in router configuration, responsible for retrieving the correct web pages from legitimate web servers.
An attacker changing these settings can point to malicious locations, exposing the victim to a wide range of risks varying from credential stealing and ad-fraud to traffic interception and malware delivery.
Google public DNS address used as a failover
Cybercriminals behind this campaign rely on a technique called cross-site request forgery (CSRF), which allows malicious requests from a website to be executed by the browser on a different page, without user consent.
A forum community dedicated to tech experts and enthusiasts. Come join the discussion about articles, computer security, Mac, Microsoft, Linux, hardware, networking, gaming, reviews, accessories, and more!