New variant of Trojan.Flush.M DNS trojan taints entire LAN from single box

A new variant of Trojan.Flush.M can hijack the security settings of a wide variety of devices on a local area network, even when they are hardened or don't run on Windows operating systems. Once activated, the trojan sets up a rogue DHCP, or dynamic host configuration protocol, server on the host machine. From there, other […]

A new variant of Trojan.Flush.M can hijack the security settings of a wide variety of devices on a local area network, even when they are hardened or don't run on Windows operating systems. Once activated, the trojan sets up a rogue DHCP, or dynamic host configuration protocol, server on the host machine. From there, other devices using the same LAN are tricked into using a malicious domain name system server, instead of the one set up by the network administrator. The rogue DNS server sends the devices to fraudulent websites that in many cases can be hard to identify as impostors.

Full Article