I got this from Bruce Schneier’s site.  Looks like the guys at Symantec have developed a way to change the DNS settings in your home broadband router’s DHCP scope by drawing you into a malicious website with some bad JavaScript code.  So when your PC gets its IP address from your broadband router, it directs your home computer’s web requests to a malicious DNS server.  So now, for example, instead of going to your bank’s website, your requests are redirected to an address of the attacker’s choice that looks like your bank’s website.

The basic lesson is to change your broadband router’s password to something different than the default (and something difficult to guess).
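A complementary check on the PC side, as an added example that is not part of the original post: it flags DNS servers in a resolv.conf-style file that are not on a list you trust, which is how a changed DHCP scope would show up on a client. The Linux-style file format, the trusted list and the sample contents are assumptions constructed for illustration.

```python
import ipaddress

# Constructed sample: resolver config written by a DHCP client after the
# router's DHCP scope was changed (203.0.113.0/24 is a documentation range).
SAMPLE_RESOLV_CONF = """\
# Generated by DHCP client
search home.lan
nameserver 203.0.113.53
nameserver 192.168.1.1
"""


def parse_nameservers(text):
    """Return the nameserver entries, as strings, from resolv.conf-style text."""
    servers = []
    for line in text.splitlines():
        fields = line.split()
        # Comment lines start with '#' or ';' and never match "nameserver".
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(fields[1])
    return servers


def unexpected_resolvers(text, trusted):
    """Return configured resolvers that fall outside every trusted address/network.

    `trusted` is a list such as ["192.168.1.1", "198.51.100.0/24"] (hypothetical
    values: your router and your ISP's resolvers). Entries that do not parse
    as IP addresses are reported too, since they should never be there.
    """
    nets = [ipaddress.ip_network(t, strict=False) for t in trusted]
    flagged = []
    for server in parse_nameservers(text):
        try:
            addr = ipaddress.ip_address(server)
        except ValueError:
            flagged.append(server)
            continue
        if not any(addr in net for net in nets):
            flagged.append(server)
    return flagged


if __name__ == "__main__":
    for server in unexpected_resolvers(SAMPLE_RESOLV_CONF, ["192.168.1.1"]):
        print("unexpected DNS server handed out by DHCP:", server)
```

To check a real machine, pass the contents of `/etc/resolv.conf` instead of the sample and list the resolvers you expect your router to hand out.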

Here’s the explanation.  Very cool, and pretty scary for all those people who never change the default password on their broadband routers (which is most people).

Bruce also makes this very good point:

Note that the attack does not require the user to download any malicious software; simply viewing a web page with the malicious JavaScript code is enough.

Vet