Monday 15 December 2008

Spyware News: This malware should be monitored, despite its minimal threat

Though not entirely successful, a piece of DNS-changing malware has raised some eyebrows with its ability to install a rogue DHCP server, and it may have the potential to cover its digital tracks.

Several blog posts covered the malware last week, saying that while it isn't an immediate threat, its approach to potentially stealing users' personal information is innovative, SCMagazineus.com reports.

Infected systems are turned into DHCP servers, which answer DHCP requests with reply packets containing malicious DNS servers, according to the website. Users who receive the "malicious packets" will be redirected to websites controlled by the cybercriminal.

Based on its research, the SANS Internet Storm Center told the website that the malware does not have a 100 percent success rate, though it was "very interesting."

"First, it's about a race between the rogue DHCP server and the legitimate one. Second, once a machine has been poisoned it is impossible to detect how it actually got poisoned in the first place," wrote Bojan Zdrnja, a SANS handler, on the organization's blog. In the post, Zdrnja confirmed the malware was in the wild.

This may be a preview of the cybercrime innovation to come next year, as multiple reports have noted a rise in creative cyberattacks.
