Cybercriminals steal the bank details of users, hacking routers. Unsuspecting users came to fake sites of financial organizations and issued their own credentials, according to a study by Radware.

The vulnerability used concerns DLink devices. Hackers used a special exploit, which remotely changed the DNS parameters of some routers or modems. This allowed them to unnoticedly redirect users to clone sites, financial organizations' clones. Attacks affected two Brazilian banks – Itau Unibanco and Banco de Brasil.

Fake pages looked identical to the original. Users were asked to specify all the details, including the mobile phone number and payment card PIN. The only sign of the attackers' actions was the message about an unprotected connection.

Experts have called this method of fraud unique, since it is produced without any interaction with the user. As a rule, attacks on the financial sphere are realized with the help of phishing campaigns. For example, in this way, attacks on Russian banks of the Corkow, Carbanak and Buhtrap groups were organized.

Read also


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.