The researchers come from Kaspersky Labs, and they say that this is the first time they’ve seen an Android trojan being used to attack wireless routers like this. The way it works is that the software uses a long, predefined list of login combinations, and if it’s able to gain access, it changes the DNS settings of the router, effectively rerouting traffic onto a network controlled by hackers.
The news certainly is troubling, as it means that it’s not only the Android device that’s affected — it’s all traffic on a network. So, if your Android phone is used, your computer and all other devices on the network could be monitored, too. Hackers could also use the method to load web pages that look the same as the original, but contain some extra content, like extra ads. And, of course, hackers could also use it to redirect users to pages that contain malware.
“The Trojan.AndroidOS.Switcher does not attack users directly. Instead, it targets the entire network, exposing all its users to a wide range of attacks – from phishing to secondary infection. The main danger of such tampering with routers’ settings is that the new settings will survive even a reboot of the router, and it is very difficult to find out that the DNS has been hijacked,” said Kaspersky Labs in its blog post.
Editors' Recommendations
- Android 13: Everything we know so far about the upcoming OS
- WhatsApp to end support for older iPhones in coming months
- What is Twitter Blue and is it worth it?
- Watts don’t matter when fast charging your phone — time does
- Google backs down, keeping cheaper way to date online intact
