Author Topic: Malicious script  (Read 4129 times)

0 Members and 1 Guest are viewing this topic.

May 05, 2015, 02:30:30 am
Read 4129 times

Weyne

  • Full Member

  • Offline
  • ***

  • 88
This site uses a malicious script that makes automatic login in some modem models and performs modifications of DNS:
Code: [Select]
http://www.cavokbrasil.com
This site is running a malicious script:
Code: [Select]
http://cavokbrasil.com/blog/cavokbrasil.js
This script modifies the Nameservers of the affected modems. The Nameservers are changed for these:
Code: [Select]
65.181.113.176
65.181.113.192

One of the affected modem models is the TP-Link TD-8810.