The researchers come from Kaspersky Labs, and they say that this is the first time they’ve seen an Android trojan being used to attack wireless routers like this. The way it works is that the software uses a long, predefined list of login combinations, and if it’s able to gain access, it changes the DNS settings of the router, effectively rerouting traffic onto a network controlled by hackers.
The news certainly is troubling, as it means that it’s not only the Android device that’s affected — it’s all traffic on a network. So, if your Android phone is used, your computer and all other devices on the network could be monitored, too. Hackers could also use the method to load web pages that look the same as the original, but contain some extra content, like extra ads. And, of course, hackers could also use it to redirect users to pages that contain malware.
“The Trojan.AndroidOS.Switcher does not attack users directly. Instead, it targets the entire network, exposing all its users to a wide range of attacks – from phishing to secondary infection. The main danger of such tampering with routers’ settings is that the new settings will survive even a reboot of the router, and it is very difficult to find out that the DNS has been hijacked,” said Kaspersky Labs in its blog post.
Editors' Recommendations
- The best Android VPN in 2021
- The best VPN for the iPhone or iPad in 2021
- How to use a VPN with your PlayStation 4
- How to reset your router
- The best antivirus software for 2021
