FT : Warkitting & Drive-By-Pharming

Wednesday, February 21, 2007

Today’s home computer users face a plethora of alarming new threats from malware (malicious software) designed to infiltrate their machines and steal personal and financial information, security experts have warned.

The latest weak point, only just recognised by security specialists, is the “router” that controls every home broadband network, the experts told the American Association for the Advancement of Science on the closing day of its annual meeting in San Francisco. This turns out to be vulnerable to “warkitting” and “drive-by pharming” – two related forms of attack in which criminals change settings on the router. They can then direct the unwitting user to a fraudulent web page where his or her confidential information can be extracted.

Unlike the more blatant methods of “phishing” for the user’s financial information, warkitting does not require the user to visit a risky website or respond to a fraudulent e-mail. “You might, for example, click on an innocent-looking ad on Google,” said Markus Jakobsson of Indiana University. “That would be enough for the malware to take control of your router. Then if you enter the genuine web address of your bank, for example, the router will direct you to a [false] web page.”

Antiviral and anti-phishing software will not guard against this threat, which originates in the router rather than the computer itself. But Zulfikar Ramzan, a malware expert with Symantec, the Californian computer security company, said he and his colleagues wanted to draw public attention to the risk “because there is something very simple people can do about it. All you have to do is change the password on your home broadband router”.

The threat arises because most home users do not bother to change the default password provided by router manufacturers such as D-Link, Linksys and Netgear. A study by Professor Jakobsson and colleagues found that about half of all home routers were vulnerable to attack because they had obvious, pre-set or nonexistent passwords. “Yet it takes only two minutes to change the password to something secure,” said Mr Ramzan.

Researchers and computer professionals have only recently come to appreciate how much human weakness undermines internet security. Experts assume that users will configure and use programs correctly, said Prof Jakobsson. “This often is not the case. Programs are often poorly configured, users choose weak and obvious passwords, or default passwords are not replaced,” he said, “and the reality is that many users don’t notice the presence of important warnings.”

The old style of malware, written by people who wanted to cause trouble, made its presence obvious by displaying malicious messages, wiping out key programs and data or directing the user to obviously inappropriate websites. The new style, written by financial criminals, takes the opposite approach – lying low in the computer and affecting its operations as little as possible so that the user does not realise it is there, gathering personal information.

Reference : http://www.ft.com/cms/s/478c3c42-c0f1-11db-bf18-000b5df10621.html
