Photo: Steve Marcus / Reuters
Cyber criminals have stolen Bank account details of the users, hacking routers. Unsuspecting users fall in fake websites of financial institutions and gave them their credentials, according to a study by Radware.
The exploit used for vehicles of the company DLink. Hackers used a special exploit, which remotely change the DNS settings of some routers or modems. This allowed them to seamlessly redirect users to the cloned websites of financial institutions. The attack affected two Brazilian Bank Itau Unibanco and Banco de Brasil.
Fake page looked identical to the original. Users were asked to specify all the details including mobile phone number and PIN-code of payment cards. The only sign of the attackers was the message about unprotected connection.
Experts have called this method of fraud is unique because it is produced without any user interaction. As a rule, attacks on the financial sector are implemented using phishing campaigns. For example, in this way were organized attacks on Russian banks groups Corkow, Carbanak and Buhtrap.
Video, photo All from Russia.