Web

New JavaScript attack infects your phone and changes your router's DNS settings

javascript malware mobile theater smartphone
Loganban/123RF
Security firm Trend Micro has discovered an attack on home routers that involves malicious JavaScript, a mobile website, and a mobile device such as a smartphone. This attack has been taking place since December 2015, and so far focuses on Taiwan, Japan, and China. However, the United States is fourth on the attack list, so be prepared.

According to the report, a compromised mobile website can contain JavaScript that downloads another JavaScript with DNS changing routines to the visiting mobile device. Although this JavaScript can also be downloaded on a computer, the infection depends on the user’s medium — for example, JS_JITONDNS only infects mobile devices and triggers the DNS changing routine, while the JITON infection is triggered only if the user has a ZTE modem.

An examination of the code reveals that hackers are targeting routers sold by well known manufacturers such as D-Link, TP-LINK, and ZTE. The report points out that TP-LINK currently owns 28 percent of the router market while D-Link is in the top 10 with a seven percent market share. Given D-Link is based out of Taiwan and TP-LINK is in China, Trend Micro isn’t surprised by the high number of attacks in those regions.

“Cybercriminals behind this incident employ [an] evasive mechanism to go off the radar and continue the attack without arousing any suspicion from affected users. Such tactics include regularly updating the JavaScript codes to fix errors and constantly changing targeted home routers,” the report states. “The compromised websites are difficult to pinpoint due to the lack of any suspicious behavior.”

The DNS settings of a router can be overwritten thanks to the JavaScript code containing more than 1,400 login combinations, including a list of common passwords. There is also code in the JavaScript that can overwrite DNS settings by exploiting a specific vulnerability that currently exists in ZTE-based routers. Ultimately, hackers can remotely send any arbitrary command with administrator privileges to the router when it has been compromised.

However, Trend Micro specifically points out that the DNS changes can only be made if the victim accesses a compromised website on their mobile device. To prevent hackers from gaining control of their routers, all consumers need to do is to keep their home networking router’s firmware up to date, and to avoid using the default ID and password provided with the device when it shipped (like “admin” and ‘password”).

“Often times, people overlook the importance of keeping the firmware updated,” the report adds. “Administrative devices especially in the age of IoT are vulnerable to attacks that may pose risks to both user privacy and security. It is best to know how these smart devices operate and what kind of personal identifiable information these devices may collect.”

The list of countries affected by this mobile attack also includes France, Canada, Australia, Korea, Hong Kong, and the Netherlands, as Trend Micro reveals in a chart.

Attacks on home routers aren’t anything new although this version seems to be surfing the mobile trend in an emerging Internet-of-Things (IoT) world. Hackers can do all sorts of things with compromised routers including establishing a botnet, and programming specific DNS settings that send clueless victims to malicious websites. Unfortunately, most smartphones and tablets aren’t protected like desktops, so this new mobile JavaScript-based hack is certainly alarming to say the least.

Mobile

Apple Maps boosts Flyover locations, indoor mall maps, and more

In a boost for Apple Maps, the tech company has recently added more than 50 new locations for Flyover, the feature that offers spectacular 3D photo views of particular cities and famous landmarks around the world.
Computing

Lost your router? Here's how to find its IP address to help track it down

Changing the login information for your router isn't always easy, that's why so many have that little card on the back. But in order to use it, you need to know where to go. Here's how to find the IP address of your router.
Computing

Change your mouse cursor in Windows with these quick tips

The standard mouse cursor is boring, so change it! With this guide on how to change your mouse cursor in Windows, you can choose to use one of Microsoft's pre-installed cursors or download something a bit more extravagant.
Home Theater

Need to get rid of an unused Netflix profile? Just follow these simple steps

Need to delete an unwanted profile from your Netflix account? It's easy to do, no matter what kind of equipment you've got. Check out our handy how-to guide for step-by-step instructions.
Mobile

Is your smartphone frozen? Here's how to reset your iPhone

You can do a lot with an iPhone, but if you ever run into an issue with it, the first thing you should do is restart it. In this guide, we tell you how to reset your iPhone, and explain how it differs from a factory reset.
Computing

Make a GIF of your favorite YouTube video with these great tools

Making a GIF from a YouTube video is easier today than ever, but choosing the right tool for the job isn't always so simple. In this guide, we'll teach you how to make a GIF from a YouTube video with our two favorite online tools.
Smart Home

Booth babes, banned sex toys, and other mishaps at CES 2019

From female sex toys bans, to fake Tesla/robot collision stories, there was some weird stuff going on at CES 2019 this year. Here are some of the biggest mishaps and flubs at the world's biggest tech show.
Mobile

Google has found a clever way to make your search history more useful

Google has found a clever way to make more use of your search history by showing links to pages you've visited before. Ideal for repeat searches for the same page, the links show up on cards at the top of mobile search results.
Web

Shutdown makes dozens of .gov websites insecure due to expired TLS certificates

The US government shutdown is causing trouble in internet security. As the shutdown enters day 22, dozens of government websites have been rendered insecure or inaccessible due to expired transport layer security (TLS) certificates.
Computing

Our favorite Chrome themes add some much-needed pizzazz to your boring browser

Sometimes you just want Chrome to show a little personality and ditch the grayscale for something a little more lively. Lucky for you, we've sorted through the Chrome Web Store to find best Chrome themes available.
Social Media

A quick swipe will soon let you keep bingeing YouTube on mobile devices

The YouTube mobile app has a new, faster way to browse: Swiping. Once the update rolls out, users can swipe to go to the next (or previous) video in the recommended list, even while viewing in full screen.
Web

Switch up your Reddit routine with these interesting, inspiring, and zany subs

So you've just joined the wonderful world of Reddit and want to explore it. With so many subreddits, however, navigating the "front page of the internet" can be daunting. Here are some of the best subreddits to get you started.
Business

Cathay Pacific messes up first-class ticket prices — again

A couple of weeks ago, an error on Cathay Pacific's website resulted in first-class seats selling for a tenth of the price. On Sunday, January 13, the airline made the error again. The good news is that it'll honor the bookings.
Computing

Reluctant to give your email address away? Here's how to make a disposable one

Want to sign up for a service without the risk of flooding your inbox with copious amounts of spam and unwanted email? You might want to consider using disposable email addresses via one of these handy services.