The researchers come from Kaspersky Labs, and they say that this is the first time they’ve seen an Android trojan being used to attack wireless routers like this. The way it works is that the software uses a long, predefined list of login combinations, and if it’s able to gain access, it changes the DNS settings of the router, effectively rerouting traffic onto a network controlled by hackers.
The news certainly is troubling, as it means that it’s not only the Android device that’s affected — it’s all traffic on a network. So, if your Android phone is used, your computer and all other devices on the network could be monitored, too. Hackers could also use the method to load web pages that look the same as the original, but contain some extra content, like extra ads. And, of course, hackers could also use it to redirect users to pages that contain malware.
“The Trojan.AndroidOS.Switcher does not attack users directly. Instead, it targets the entire network, exposing all its users to a wide range of attacks – from phishing to secondary infection. The main danger of such tampering with routers’ settings is that the new settings will survive even a reboot of the router, and it is very difficult to find out that the DNS has been hijacked,” said Kaspersky Labs in its blog post.
Editors' Recommendations
- How to tell if someone is stealing your Wi-Fi — and what you can do about it
- How to reset your router
- How to fix problems with your MacBook’s Wi-Fi
- The best VPN services for 2021
- The most common Wi-Fi problems and how to fix them