The tale of one thousand and one ADSL modems
Fabio Assolini, Kaspersky Lab
One firmware vulnerability, two malicious scripts, three hardware manufacturers, 35 malicious DNS servers, thousands of
compromised ADSL modems, millions of victims.
It sounds like the trailer for a Hollywood blockbuster, but it's the real story of Brazil's biggest cybercriminal attack,
affecting local ISPs and ADSL modems and exposing millions of customers of the country's leading banks to a mass drive-by
pharming attack.
In this presentation we will show how Brazilian cybercriminals exploited an under-the-radar vulnerability which affected
thousands of outdated ADSL modems across the country. This enabled an attack on network devices belonging to millions of
individual and business users, spreading malware and engineering malicious redirects over the course of several months. It
was an unbelievable scenario, fuelled by widespread neglect by ISPs, blunders from hardware manufacturers, under-educated
users and official apathy. Thousands of desperate, confused customers ended up looking for advice and solutions from the
tech support of anti-malware companies.
We will also undertake a deep analysis to examine how anti-virus companies lack the capacity to detect exploits which
attack network devices, and explore ways of dealing with the problem.