CVE-2026-0625

Multiple D-Link DSL/DIR/DNS devices contain an authentication bypass and improper access control vulnerability in the dnscfg.cgi endpoint that allows an unauthenticated attacker to access DNS configuration functionality. By directly requesting this endpoint, an attacker can modify the device’s DN...

IT threat evolution Q1 2023

IT threat evolution in Q1 2023 IT threat evolution in Q1 2023. Non-mobile statistics IT threat evolution in Q1 2023. Mobile statistics Targeted attacks BlueNoroff introduces new methods bypassing MotW At the close of 2022, we reported the recent activities of BlueNoroff, a financially motivated...

Roaming Mantis Malware Returns with DNS Changer Capability

By Deeba Ahmed Roaming Mantis malware was last seen in April 2018 targeting iOS and Android devices with cryptocurrency mining malware but this time, it has new DNS changer capabilities. This is a post from HackRead.com Read the original post: Roaming Mantis Malware Returns with DNS Changer...

Roaming Mantis implements new DNS changer in its malicious mobile app in 2022

Roaming Mantis a.k.a Shaoye is well-known as a long-term cyberattack campaign that uses malicious Android package APK files to control infected Android devices and steal device information; it also uses phishing pages to steal user credentials, with a strong financial motivation. Kaspersky has be...

Exploit for OS Command Injection in Webmin

PoC exploit for CVE-2019-15107 DNSChanger on home routers. The target product/service is Shuttle Tech ADSL Modem-Router 915 WM. The vulnerability class/vector is DNSChanger. The probable entry point is the routerhunter.py script. Notable dependencies/tooling include requests, random, time,...

Kali-Whoami - A Privacy Tool Developed To Keep You Anonymous On Kali Linux At The Highest Level

The purpose of the Whoami tool makes you as anonymous as possible on Kali linux. It is an user friendly with its ease of use and simple interface. It follows two different paths to ensure the highest possible level of anonymity. Finally, don't forget that there is never a hundred percent security...

GhostDNS: New DNS Changer Botnet Hijacked Over 100,000 Routers

Chinese cybersecurity researchers have uncovered a widespread, ongoing malware campaign that has already hijacked over 100,000 home routers and modified their DNS settings to hack users with malicious web pages—especially if they visit banking sites—and steal their login credentials. Dubbed...

Tenda W3002R/A302/w309r Wireless Router 5.07.64_en DNS Changer

Tenda W3002R/A302/w309r Wireless Router V5.07.64en Cookie Session Weakness Remote DNS Change PoC Copyright 2018 c Todor Donev https://ethical-hacker.org/ https://facebook.com/ethicalhackerorg Once modified, systems use foreign DNS servers, which are usually set up by cybercriminals. Users with...

Tenda W308R V2 Wireless Router 5.07.48 DNS Changer

Tenda W308R v2 Wireless Router V5.07.48 Cookie Session Weakness Remote DNS Change PoC Copyright 2018 c Todor Donev https://ethical-hacker.org/ https://facebook.com/ethicalhackerorg Once modified, systems use foreign DNS servers, which are usually set up by cybercriminals. Users with vulnerable...

D-Link ADSL DSL-2640U IM_1.00 Unauthenticated Remote DNS Changer

!/bin/bash D-Link ADSL DSL-2640U IM1.00 Unauthenticated Remote DNS Change Exploit Copyright 2017 c Todor Donev https://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg Description: The vulnerability exist in the web interface, which is accessible without authentication. Once...

Tenda ADSL2/2+ Modem 963281TAN Unauthenticated Remote DNS Changer

!/bin/bash Tenda ADSL2/2+ Modem 963281TAN Unauthenticated Remote DNS Change Exploit Copyright 2016 c Todor Donev https://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg Description: The vulnerability exist in the web interface, which is accessible without authentication. Once...

PLANET VDR-300NU ADSL Router Unauthenticated Remote DNS Changer

!/bin/bash PLANET VDR-300NU ADSL ROUTER Unauthenticated Remote DNS Change Exploit Copyright 2016 c Todor Donev https://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg Description: The vulnerability exist in the web interface, which is accessible without authentication. Once...

COMTREND ADSL Router CT-5367 C01_R12 Unauthenticated Remote DNS Changer

!/bin/bash COMTREND ADSL Router CT-5367 C01R12 Unauthenticated Remote DNS Change Exploit Copyright 2016 c Todor Donev https://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg Description: The vulnerability exist in the web interface, which is accessible without authentication. On...

IntelBras WRN 340 Unauthenticated Remote DNS Changer Vulnerability

IntelBras WRN 340 ADSL modem router remote unauthenticated DNS changing exploit. !/usr/bin/perl IntelBras WRN 340 ADSL Modem-Router - Unauthenticated Remote DNS Change Exploit Discovered by: Gabriel P. Lipski - gpDOTlipskiATgmailDOTcom Brazil, sept. 2015. AVISO: Este codigo foi feito apenas para...

DNS Changer malware mastermind pleaded guilty

Remember the DNS Changer malware that infected at least four million computers in more than 100 countries, including 500,000 in the United States, with malicious software or malware ? Valeri Aleksejev, 32 years old from Estonia, is the first of the seven individuals to enter a plea, admitting his...

Firm Finds DNS Changer Infections Linger Inside Fortune 500

A report finds that around half of the Fortune 500 corporations and government agencies infected with the DNS Changer malware are still infected, two months after authorities moved to shut down the massive botnet. The report, by Krebsonsecurity.com, raises troubling questions about the security o...