CyberNews Briefs

Hackers Hijack Routers’ DNS to Spread Malicious COVID-19 Apps

Researchers have found that a new cyberattack campaign is hijacking router’s DNS settings, changing web browser display alerts that show fake COVID-19 information claiming to be an app controlled by the World Health Organization. However, behind the fraudulent app is Vidar information-stealing malware. Over the past five days, several users reported that their web browser would automatically open and display the message.

Researchers discovered that the alerts were a result of a cyberattack changing the DNS servers configured on their home routers to use the DNS servers that are operated by the attackers. Experts stated that because most computers use IP address and DNS information that is provided by their router, the malicious DNS servers redirected victims to malicious content under the attackers’ control.

Read More: Hackers Hijack Routers’ DNS to Spread Malicious COVID-19 Apps

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.