"Hackers Hijack Routers to Spread Malware Via Coronavirus Apps"
Cybercriminals are starting to get more creative in how they are leveraging the coronavirus pandemic. Researchers at Bitdefender have found that cybercriminals are hijacking routers and changing Domain Name System (DNS) settings so that the victim is redirected to the attacker's controlled website. On the attacker's controlled website, the attackers promote fake coronavirus information applications. The site also displays a message pretending to be from the World Health Organization (WHO) and tells the users to install an app offering further coronavirus information via a download button. If an individual download one of these applications, the individual is then infected with information-stealing Oski malware. These hacks began on March 18th, and at least 1,193 victims have been affected by this cyberattack. Victims are from the United States, Germany, and France. The adversaries target routers by brute forcing remote management credentials. The adversaries are targeting Linksys routers, and also D-Link routers.
Threatpost reports: "Hackers Hijack Routers to Spread Malware Via Coronavirus Apps"