For more information about this operation, visit the following ESET resources:
Win32/RBrute.A scans the Internet for router administration pages in order to change the entry for their primary DNS server. The rogue DNS server then redirects users to fake web sites that are part of the Win32/Sality operation.
At the time of our investigation, the following routers have been targeted by Win32/RBrute.A:
Figure 1-1
Click the image to view larger in new window
If the router you are using does not use current security technology, you can lessen the risk to your system by purchasing a newer router.
Contact ESET Technical Support.