Monday, 3 March 2014

Two London IP addresses have compromised over 300,000 computers




Researchers at the security firm Team Cymru have discovered a massive network of a router exploits that has effectively hijacked the internet for more than a quarter of a million computers. The exploit works by redirecting computers to different DNS servers, allowing the network to misdirect web traffic from its victims. There's no evidence of spoofing campaigns yet, but the team is still investigating. "What we've seen so far is a little mysterious," said Steve Santorelli, a researcher at Cymru. "300,000 machines going to different DNS servers." Even stranger, it all seems to be coordinated by two IP addresses located in London, both registered to a hosting company called 3NT Solutions.
"What we've seen so far is a little mysterious."
...Continue reading…