A new evolution of Android malware has been discovered, using unsuspecting devices as tools to infect Wi-Fi routers.
Dubbed ‘The Switcher Trojan’ by Kaspersky Lab, the malware changes routers’ DNS settings and redirects traffic from connected devices to malicious websites controlled by the attackers, leaving users vulnerable to a range of different attacks.
So far the people behind the virus claim to have successfully infiltrated 1,280 wireless networks, predominantly located in China.
DNS servers work by turning a readable web address such as ‘silicon.co.uk’ into the numerical IP address required for computers to communicate with each other. The Switcher Trojan hijacks this process by replacing the router's DNS server with one the attackers control, so that lookups redirect the device to a fake website, giving attackers control over network activity.
It is spread by users downloading the trojan from one of two malicious websites created by the attackers. One is disguised as an Android client of the Chinese search engine Baidu and the other is a fake version of a popular Chinese app for sharing information about Wi-Fi networks.
When an infected device connects to a wireless network, the trojan uses a brute-force attack to try to break into the router's web admin interface. If it succeeds, it swaps the existing DNS server for a malicious one.
“The Switcher Trojan marks a dangerous new trend in attacks on connected devices and networks,” said Nikita Buchka, mobile security expert at Kaspersky Lab. “It does not attack users directly. Instead, it turns them into unwilling accomplices: physically moving sources of infection. The Trojan targets the entire network, exposing all its users, whether individuals or businesses, to a wide range of attacks – from phishing to secondary infection.
“A successful attack can be hard to detect and even harder to shift: the new settings can survive a router reboot, and even if the rogue DNS is disabled, the secondary DNS server is on hand to carry on. Protecting devices is as important as ever, but in a connected world we cannot afford to overlook the vulnerability of routers and Wi-Fi networks.”
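A defender-side check for the DNS swap described above, as an added example that is not from Kaspersky Lab or the original article: it audits every resolver a client has been handed (resolv.conf format) against an allowlist, including the secondary entry that the quote notes can carry on after the primary is removed. The trusted resolver set and all sample addresses are assumptions, constructed from documentation ranges.

```python
import ipaddress

# Constructed sample: resolver config as a client might receive it from a
# tampered router. Addresses are documentation ranges, not real indicators.
SAMPLE_RESOLV_CONF = """\
# generated by DHCP client
nameserver 203.0.113.53
nameserver 192.0.2.1
options timeout:2
"""

# Assumption: the resolvers this network is supposed to hand out.
TRUSTED_RESOLVERS = {"192.0.2.1", "2001:db8::53"}


def parse_nameservers(text):
    """Return nameserver entries in file order (index 0 is the primary)."""
    servers = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()  # ignore comments
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(fields[1])
    return servers


def audit_resolvers(text, trusted):
    """Flag every configured resolver that is not trusted, not just the first."""
    trusted_ips = {ipaddress.ip_address(t) for t in trusted}
    findings = []
    for position, raw in enumerate(parse_nameservers(text)):
        role = "primary" if position == 0 else "secondary"
        try:
            # Strip any IPv6 zone id (e.g. %eth0) before parsing.
            addr = ipaddress.ip_address(raw.split("%", 1)[0])
        except ValueError:
            findings.append((role, raw, "unparseable"))
            continue
        if addr not in trusted_ips:
            findings.append((role, raw, "untrusted"))
    return findings


if __name__ == "__main__":
    for role, server, reason in audit_resolvers(SAMPLE_RESOLV_CONF, TRUSTED_RESOLVERS):
        print(f"ALERT {role} resolver {server}: {reason}")
```

A finding on the secondary entry alone still means the router's DNS settings need to be reset and its admin password changed.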