3

I see that when I browse on my mobile devices (phones, tablets) in my network, the browser gets redirected to malware/adware that says my device is damaged and I should repair it, install some software and blah blah.

I checked my router settings. Turns out that my DNS settings are changed. They are; Primary: 128.199.85.140 and Secondary: 8.8.8.8. All this while I have been using the "Automatic Assigned DNS" option which gives the ISP assigned DNS, which is automatically disabled now.. Even after enabling the "Enable Automatic Assigned DNS" option, the settings automatically revert back to the aforementioned IP addresses by disabling the "Enable Automatic Assigned DNS" option, after a while.

It's a DLink ADSL+Router. Here are the specs:

Software Version: IM_1.00

Software Date: Jun 11 2010

Bootloader (CFE) Version: before 1.0.37-5.12

Hennes
  • 65,804
  • 7
  • 115
  • 169
soupybionics
  • 203
  • 1
  • 2
  • 5

1 Answers1

6

There have been vulnerabilities in d-link routers relating to DNS where the DNS settings can be changed remotely. These have been reported as recently as last year. So if your firmware really dates to 2010, then it is likely that it contains this vulnerability, and you should get updated firmware from D-Link.

Here is an article.

Paul
  • 61,193