Published in Network

Router malware injects porn into webpages

by on26 March 2015


That is our excuse and we are sticking to it

If your boss gets upset with you for watching porn at work you should immediately blame his routers.

A new variant of router malware has been uncovered that injects unwarranted ads and pornography into websites by modifying the router's DNS settings.

The malware can hijack nearly every website on the internet, but it is being mostly used to peddle porn sites.

Uncovered by Ara Labs, the router malware intercepts the Google Analytics code found in most websites, redirecting requests to the attacker's server that sends back ads and porn in response.

Since so many websites use Google Analytics for traffic statistics, it becomes the perfect target for this sort of DNS attack.

It can be quite a lucrative business if the hackers can infect a large number of routers.

The hackers install the malware by exploiting the fact that many people don't change their router's default login credentials. It attempts to send unauthenticated configuration requests to routers.

Ara Labs didn't specify what routers are affected, but keeping your router's firmware up to date and changing the default login credentials pretty much protects the system.

Traditional anti-virus software won't pick up router-based malware, as no component of the malware is actually installed on your PC.

(Picture thanks to https://privacycanada.net).

Last modified on 08 April 2019
Rate this item
(5 votes)

Read more about: