How a Router gets auto-Hacked
Sunday, February 25th, 2007
1. you visit some website.
2. malicious javascript code changes your router’s DNS settings.
3. you get phished (you get a fake website targeted to steal your credentials).
This is a CSRF (cross site request forgery) that only works if your router has the default password and/or is always logged on.
Solution: (more…)
