Got a Draytek Router? Guess what, there is a 0day. Check DNS Settings

Draytek Routers have an acknowledged 0 Day.   It has been seen in the wild!

One of the indicators that your router has been compromised is changing of your DNS Settings.  A change of DNS will allow Cyber Criminals to impersonate other websites allowing the bad guys to siphon your personal information.

 

It is a good idea to periodically check all your devices DNS Settings anyway.

A list of recommend DNS Server are (in no particular order)

9.9.9.9  – Quad 9, blocks known malware sites
1.1.1.1  – CloudFlare – Private and unfiltered
8.8.8.8  – Google – Fast DNS
185.228.168.168  – CleanBrowsing – Blocks Adult Sites
8.26.56.26 – Comodo – blocks malware sites
208.67.222.222 – OpenDNS, blocks malware sites, now owned by Cisco
77.88.8.7 – Yandex, blocks malware sites — Russian

https://www.draytek.co.uk/support/security-advisories/kb-advisory-csrf-and-dns-dhcp-web-attacks