Mac and Windows users infected by software updates delivered over hacked ISP

DStvNothingOn

This is a super interesting attack vector. I am hopeful that SA ISPs, from small to big, take note and are proactive in their internal security.

The fact that using your own DNS doesn’t help, I’ve been trying to get DoH working with my tik but not there yet.

 
While *no operating system* is completely immune to threats, I'm fortunate to be using Linux.
I know the debate about Linux being a kernel, but looking at it from a layman's perspective, it is an operating system. I have been using Linux for years and have not had any issues, but I do know that there have been people infected with malware on Linux.
 
Will the ISP be held accountable, or will it be another whitewash with users paying the price for corporate incompetence?
 
Will the ISP be held accountable, or will it be another whitewash with users paying the price for corporate incompetence?

Home routers in SA are the biggest culprit in this sort of attack. A vast percentage of people plug it in and forget about it.

Compromised routers just sit there, but the client's internet is working so all is good in the client's mind.

Never mind that the router is now doing DNS redirects, pushing WPAD DHCP options to configure Windows clients to use proxies, DDoS hives, you name it 💣, they're basically on the client's LAN - eish! 💣💣

This was happening back in the ADSL days already.

Please update your routers folks 🙏
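
The DHCP behaviour described in this post can be checked from the client side. The following is an added example, not part of the original post: it parses the options field of a DHCP offer and flags a pushed WPAD proxy URL or a DNS server outside an expected set. It assumes option code 252 for WPAD (the private-use code commonly used for it); the trusted DNS list and the sample offer are constructed for illustration.

```python
import ipaddress

PAD, END = 0, 255
OPT_DNS, OPT_WPAD = 6, 252  # 252: private-use code commonly used for WPAD (assumption)

def parse_dhcp_options(data: bytes) -> dict[int, bytes]:
    """Parse the code/length/value options that follow the DHCP magic cookie."""
    opts, i = {}, 0
    while i < len(data):
        code = data[i]
        if code == END:
            break
        if code == PAD:  # pad bytes carry no length field
            i += 1
            continue
        if i + 1 >= len(data):
            raise ValueError("truncated option header")
        length = data[i + 1]
        value = data[i + 2 : i + 2 + length]
        if len(value) != length:
            raise ValueError(f"option {code} truncated")
        opts[code] = opts.get(code, b"") + value  # repeated options are concatenated
        i += 2 + length
    return opts

def audit_offer(options: bytes, trusted_dns: set[str]) -> list[str]:
    """Return findings for a WPAD URL or DNS servers not in trusted_dns."""
    findings = []
    opts = parse_dhcp_options(options)
    if OPT_WPAD in opts:
        url = opts[OPT_WPAD].rstrip(b"\x00").decode("ascii", "replace")
        findings.append(f"WPAD proxy auto-config pushed: {url}")
    dns = opts.get(OPT_DNS, b"")
    if len(dns) % 4:
        findings.append("malformed DNS option")
    for j in range(0, len(dns) - len(dns) % 4, 4):
        addr = str(ipaddress.IPv4Address(dns[j : j + 4]))
        if addr not in trusted_dns:
            findings.append(f"unexpected DNS server: {addr}")
    return findings

def opt(code: int, value: bytes) -> bytes:
    return bytes([code, len(value)]) + value

# Constructed sample offer; addresses are from documentation ranges.
SAMPLE_OFFER = (opt(53, b"\x02") + opt(3, bytes([192, 168, 1, 1]))
                + opt(6, bytes([192, 168, 1, 1, 203, 0, 113, 66]))
                + opt(252, b"http://203.0.113.66/wpad.dat") + bytes([END]))

if __name__ == "__main__":
    for finding in audit_offer(SAMPLE_OFFER, {"192.168.1.1"}):
        print(finding)
```
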
 
Will the ISP be held accountable, or will it be another whitewash with users paying the price for corporate incompetence?
Are we holding the tyre companies and brake manufacturers accountable when you lose traction and crash?

Unless the infiltration happens directly from the ISP, I don't think that is what happens.
 
Home routers in SA are the biggest culprit in this sort of attack. A vast percentage of people plug it in and forget about it.

Compromised routers just sit there, but the client's internet is working so all is good in the client's mind.

Never mind that the router is now doing DNS redirects, pushing WPAD DHCP options to configure Windows clients to use proxies, DDoS hives, you name it 💣, they're basically on the client's LAN - eish! 💣💣

This was happening back in the ADSL days already.

Please update your routers folks 🙏

Don't disagree with updating your routers but this attack has nothing to do with the router.

This is intercepting HTTP traffic and redirecting to a different server which then downloads a malicious file.
 
This is a super interesting attack vector. I am hopeful that SA ISPs, from small to big, take note and are proactive in their internal security.

The fact that using your own DNS doesn’t help, I’ve been trying to get DoH working with my tik but not there yet.

DoH working on my tik. It just took following the right guide. IIRC I was fiddling with the wrong interface at one point instead of the bridge.
 
Can you please share the said guide? Still struggling my side.
I think it was this guide:
 