Ongoing Hijack DNS Attack to be Found

Attackers use old vulnerabilities and they are targeted at unupdated consumer devices
05 April 2019   708

Researchers at Bad Packets revealed a continuing wave of automated attacks from December aimed at changing DNS settings on home and office routers. In case of a successful attack on the device, DNS servers of attackers are registered, which return fake IP addresses for some domains, which leads to redirection to scam sites created for phishing and capturing authentication parameters.

The attack is aimed at hitting routers running non-updated firmware containing known vulnerabilities. For example, to attack D-Link devices, a vulnerability identified as early as 2015 is used, allowing you to change the DNS settings without passing authentication. To scan the network, hacked Google Cloud environments are used.

During the attack, D-Link routers (DSL-2640B, DSL-2740R, DSL-2780B and DSL-526B), ARG-W4 ADSL, DSLink (260E), Secutech and TOTOLINK are affected. The largest number of compromised systems falls on the D-Link DSL-2640B (14327 vulnerable devices) and TOTOLINK (2265 vulnerable devices) devices. After a successful attack on the device, one of the DNS servers controlled by the attackers is registered: 144.217.191.145, 66.70.173.48, 195.128.124.131 and 195.128.126.165.

LineageOS Team to Report on Project Updates

Since March, the number of assemblies provided by the project replaced CyanogenMode has increased to 36 devices
03 July 2019   418

The developers of the LineageOS project, which replaced CyanogenMod after abandoning the project of Cyanogen Inc, published a report on the development of the LineageOS 16 branch based on the Android 9 platform. Since March, the number of assemblies provided by the project has increased to 36 devices. Recent changes are noted:

  • AOSP’s Night Display now controls night mode (on recent devices only, such as those with a Snapgragon 820 or more recent)
  • LiveDisplay remains available for all its other features
  • The volume panel can now be expanded to control all the various volume streams
  • The volume panel can now be optionally relocated to the left
  • Expanded quick settings are back
  • Detailed views for the following tiles are available: Wi-Fi, Bluetooth, Mobile Data, Location, Profiles
  • New default wallpaper and a new wallpapers app with many new, and old, wallpapers
  • Other than the usual nature, urban and abstract themed wallpapers, monochromatic and gradients wallpapers are now available
  • Privacy Guard now supports apps in the Work Profile
  • It’s possible to add up to two LockScreen shortcuts again
  • Circle battery is back after being missing since LineageOS 13.0
  • Notification ringtone level can be unlinked from phone calls ringtone level
  • GPS battery saving mode can now be enabled from the Settings
  • Vim has been updated to version 8.1
  • Nano has been updated to version 4.2
  • Fixed issue were using certain private DNS caused devices to crash thanks to backported fix from Q
  • Support for bluetooth SBC DualChannel HD has been added (both 15.1 and 16.0)
  • Performance improvements for Eleven (music player app) (both 15.1 and 16.0)
  • Updated call recording configurations (both 15.1 and 16.0)

Additionally, developers mark the termination of the formation of assemblies LineageOS 15.1 for Google Nexus 4, Asus Zenfone Max Pro M1, Nvidia Shield Tablet, Samsung Galaxy S9, Samsung Galaxy S9 + and ZTE Axon 7.

Get more info at official website.