In the ongoing coronavirus pandemic, it is no wonder that there are people looking to make use of it to gain access to people’s information. Since Linksys and D-Link are without a doubt most popular router manufacturers in the world, it “pays off” to try and find a way to hack those models in particular.

With the current malware, it seems as if hackers are using brute attacks to gain access to admin control panels of these routers. Once this barrier is broken, it appears that hackers change the DNS settings, directing the traffic of that particular router into their own made servers.

Obvious privacy issues become apparent once you realize that once the routers are hijacked, they basically share user’s browsing detail to server set up by hackers. There are several domains which are used to cover up the fake websites to the user:

  • aws.amazon.com
  • goo.gl
  • bit.ly
  • washington.edu
  • imageshack.us
  • ufl.edu
  • disney.com
  • cox.net
  • xhamster.com
  • pubads.g.doubleclick.net
  • tidd.ly
  • redditblog.com
  • fiddler2.com
  • winimage.com

Based on information we received, the malware used for this is from the Oski data hijacker trojan, commonly found on dark web forums, always used to steal informations such as credentials, cookies, 2FA database, saved login credentials and more.

Source: TechRadar


Editor’s note: It seems like you accidentaly (or intentionally landed on one of our archived news article. For the fresh stuff you would need to jump over to the tech news section on the homepage. In case you have trouble with any D-Link or Linksys devices, we would recommend a look at our guides, as well as troubleshooting tutorials. If you have any questions you can always reach out to us from our contact us page. See you on the front page!