A new Android trojan has been discovered that can work through your wireless router and control the Wi-Fi network of its victims. Security researchers are calling it the Switcher Trojan, and it’s capable of redirecting all traffic from Wi-Fi-connected devices straight into the hands of those who built it. The result? Well, cybercriminals could get their hands on your data, leading to data theft and even identity theft.
The researchers come from Kaspersky Labs, and they say that this is the first time they’ve seen an Android trojan being used to attack wireless routers like this. The way it works is that the software uses a long, predefined list of login combinations, and if it’s able to gain access, it changes the DNS settings of the router, effectively rerouting traffic onto a network controlled by hackers.
The news certainly is troubling, as it means that it’s not only the Android device that’s affected — it’s all traffic on a network. So, if your Android phone is used, your computer and all other devices on the network could be monitored, too. Hackers could also use the method to load web pages that look the same as the original, but contain some extra content, like extra ads. And, of course, hackers could also use it to redirect users to pages that contain malware.
“The Trojan.AndroidOS.Switcher does not attack users directly. Instead, it targets the entire network, exposing all its users to a wide range of attacks – from phishing to secondary infection. The main danger of such tampering with routers’ settings is that the new settings will survive even a reboot of the router, and it is very difficult to find out that the DNS has been hijacked,” said Kaspersky Labs in its blog post.