Symantec warned late this month of an attack involving the subversion of routers. This was the first time Symantec had seen such an attack, although they were aware it could happen. The attack targeted a Mexican bank. The intended victims received spam e-mail claiming they’d received an e-card, directing them to a popular Spanish language e-card site. But the email had image tags that contained an HTTP get-request to the router to change its Domain Name System settings. It then redirects traffic flowing overt he router to a specific IP address. Symantec claims this was a simple hack, but advised businesses to change their default security settings on routers and educate users about clicking on suspicious links.

Technorati Tags: symantec router compromise, symantec security warning, symantec attacks