Tools Used in GhostDNS Router Hijack Campaigns Dissected

CERT-LatestNews Malware ThreatsCybercrime
The source code of the GhostDNS exploit kit (EK) has been obtained and analyzed by researchers. GhostDNS is used to compromise a wide range of routers to facilitate phishing -- perhaps more accurately, pharming -- for banking credentials. Target routers are mostly, but not solely, located in Latin America.