Researchers citing data from Bitdefender security products are warning that a hack of Linksys and D-Link routers for homes and small offices is redirecting users to malicious sites posing as COVID-19 informational resources.
The researchers believe the hackers are guessing passwords used to secure the routers' remote management console when the feature is turned on, or are guessing credentials for users' Linksys cloud accounts.
The hacks redirect users to malicious sites that install malware or attempt to phish passwords.
Bitdefender’s Liviu Arsene said the spoofed sites close port 443, the Internet gate that transmits traffic protected by HTTPS authentication protections, preventing the display of warnings from browsers or email clients that a TLS certificate is invalid or untrusted.
The researchers said these routers should have remote administration turned off whenever possible.
From Ars Technica
View Full Article
Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA