More than 300,000 small office and home office routers, most in Europe and Asia, were compromised in a campaign that started in mid-December, continuing a rash of security incidents involving home and small business networking equipment.
A company registered in London appears to be at the centre of a massive attack that's redirecting traffic from 300,000 routers, a security firm has said.
Team Cymru, a security firm based in Florida, said it was examining a "widespread compromise" of consumer and small office/home office (SOHO) routers in Europe and Asia.
The routers' DNS settings were changed to two IP addresses, both of which are for machines that are physically in the Netherlands, but registered with UK company 3NT Solutions.
Cymru's Santorelli stressed that the router attack was serious. "It's not new as an issue to the InfoSec community but this is one of the biggest we've seen recently as it's quite insidious," he said.
The attack is possible due to several vulnerabilities in home routers that make DNS configuration susceptible to unauthorized remote modifications.
To stay safe, Santorelli recommended checking your router's DNS settings, ensuring that the IP addresses you end up at are legitimate, and updating your firmware.