A newly discovered Android trojan can sabotage entire Wi-Fi networks and the users who connect to them by accessing the router that an infected device is communicating with and executing a Domain Name System (DNS) hijack attack. According to Kaspersky Lab on Wednesday via its Securelist blog, the malware, named Switcher, uses a compromised Android device to pull up the local router’s admin interface, and then attempts to gain top-level privileges by executing a brute-force attack that guesses commonly used or default log-in credentials. If successful, the malware opens the router’s WAN settings and changes the IP address of the primary DNS server to that of a rogue one operated by the cybercriminals behind the campaign.
ORIGINAL SOURCE: SC Magazine
The post ‘Switch’ leads to glitch: Android malware hijacks routers’ DNS settings appeared first on IT SECURITY GURU.
from ‘Switch’ leads to glitch: Android malware hijacks routers’ DNS settings