Hacker group incorporates DNS hijacking into its malicious web site marketing campaign

DNS hijacking concept.

Enlarge / DNS hijacking idea.

Researchers have uncovered a malicious Android app that may tamper with the wi-fi router the contaminated telephone is related to and power the router to ship all community units to malicious websites.

The malicious app, discovered by Kaspersky, makes use of a way generally known as DNS (Area Identify System) hijacking. As soon as the app is put in, it connects to the router and makes an attempt to log in to its administrative account by utilizing default or generally used credentials, similar to admin:admin. When profitable, the app then modifications the DNS server to a malicious one managed by the attackers. From then on, units on the community may be directed to imposter websites that mimic reliable ones however unfold malware or log person credentials or different delicate data.

Able to spreading extensively

“We imagine that the invention of this new DNS changer implementation is essential when it comes to safety,” Kaspersky researchers wrote. “The attacker can use it to handle all communications from units utilizing a compromised Wi-Fi router with the rogue DNS settings.”

Learn eight remaining paragraphs | Feedback

Leave a Reply

Your email address will not be published. Required fields are marked *