A newly discovered Android trojan can sabotage entire Wi-Fi networks and the users who connect to them by accessing the router that an infected device is communicating with and executing a Domain Name System (DNS) hijack attack. According to Kaspersky Lab on Wednesday via its Securelist blog, the malware, named Switcher, uses a compromised Android device to pull up the local router’s admin interface, and then attempts to gain top-level privileges by executing a brute-force attack that guesses commonly used or default log-in credentials. If successful, the malware opens the router’s WAN settings and changes the IP address of the primary DNS server to that of a rogue one operated by the cybercriminals behind the campaign.
View full story
ORIGINAL SOURCE: SC Magazine
