Gigantic 100,000-strong botnet used to hijack traffic meant for Brazilian banks

From zdnet.com

ghostdns.png

Over 100,000 routers have had their DNS settings modified to redirect users to phishing pages. The redirection occurs only when users are trying to access e-banking pages for Brazilian banks.

Around 88% of these routers are located in Brazil, and the campaign has been raging since at least mid-August when security firm Radware first spotted something strange.

But according to a new report published last week by Chinese cyber-security firm Qihoo 360, the group behind these attacks have stepped up their game.

By analyzing massive amounts of collected data, Qihoo 360’s Netlab division gained a deep look into the group’s modus operandi.

Read more here