Arstechnica: Researchers said they have uncovered yet another mass compromise of home and small-office wireless routers, this one being used to make malicious configuration changes to more than 300,000 devices made by D-Link, Micronet, Tenda, TP-Link, and others.
The hackers appear to be using a variety of techniques to commandeer the devices and make changes to the domain name system (DNS) servers used to translate human-friendly domain names into the IP addresses computers use to locate their Web servers, according to a report published Monday by researchers from security firm Team Cymru. Likely hacks include a recently disclosed cross-site request forgery (CSRF) that allows attackers to inject a blank password into the Web interface of TP-Link routers. Other attack techniques may include one that allows wireless WPA/WPA2 passwords and other settings to be remotely changed.