From: "smurf" <smurf@smurf.com>
| Spotted it today, a dg834g netgear router was accessed by some malicious
| software which followed a limewire download. The software logged onto the
| router (using default password) and changed dns settings from automatic to a
| set of manual addresses.
| The consequence was, of say a google search, any link had a results5 prefix.
| The standard fix for results5 infections was the tdds killer etc, of course
| no good here as the source of the problem was hte router.
| removed the dns addresses, changed the password on the router and flushed
| the dns cache of the connected machines.
| First time come across this.
http://www.trustedsource.org/blog/42...s-into-routers
http://www.pc1news.com/news/0017/war...-settings.html
http://vil.nai.com/vil/content/v_141841.htm
--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
Reply With Quote