New Android-infecting malware brew hijacks devices. Why, you ask? Your router

1,280 Wi-Fi networks have fallen victim to the Switcher


Hackers have brewed up a strain of Android malware that uses compromised smartphones as conduits to attack routers.

The Switcher trojan does not attack Android device users directly. Instead, the malware uses compromised smartphones and tablets as tools to attack any wireless networks they connect to.

Switcher brute-forces access to the network's router and then changes its DNS settings to redirect traffic from devices connected to the network to a rogue DNS server, security researchers at Kaspersky Lab report.

This server fools the devices into communicating with websites controlled by the attackers, leaving users wide open to either phishing or further malware-based attacks.

The attackers claim to have successfully infiltrated 1,280 wireless networks so far, mainly in China.

The tactics in play are similar to those employed by a DNS Changer variant spotted by security researchers at Proofpoint last month. That nasty spread through JavaScript code in malicious ads, whereas Switcher uses a different mode of attack.

The infection is spread by users downloading one of two versions of the Android Trojan from a website created by the attackers. The first version is disguised as an Android client of the Chinese search engine, Baidu, and the other is a counterfeit version of a popular Chinese app for sharing information about Wi-Fi networks.

"The attackers have built a website to promote and distribute the Trojanised Wi-Fi app to users," according to Kaspersky Lab. "The web server that hosts this site doubles as the malware authors' command-and-control (C&C) server. Internal infection statistics spotted on an open part of this website reveal the attackers' claims to have compromised 1,280 websites – potentially exposing all the devices connected to them to further attack and infection."

A write-up of the Switcher malware can be found on Kaspersky Lab's Securelist blog here. ®

Broader topics


Other stories you might like

  • Tesla driver charged with vehicular manslaughter after deadly Autopilot crash

    Prosecution seems to be first of its kind in America

    A Tesla driver has seemingly become the first person in the US to be charged with vehicular manslaughter for a deadly crash in which the vehicle's Autopilot mode was engaged.

    According to the cops, the driver exited a highway in his Tesla Model S, ran a red light, and smashed into a Honda Civic at an intersection in Gardena, Los Angeles County, in late 2019. A man and woman in the second car were killed. The Tesla driver and a passenger survived and were taken to hospital.

    Prosecutors in California charged Kevin George Aziz Riad, 27, in October last year though details of the case are only just emerging, according to AP on Tuesday. Riad, a limousine service driver, is facing two counts of vehicular manslaughter, and is free on bail after pleading not guilty.

    Continue reading
  • AMD returns to smartphone graphics with new Samsung chip for your pocket computer

    We're back in black

    AMD's GPU technology is returning to mobile handsets with Samsung's Exynos 2200 system-on-chip, which was announced on Tuesday.

    The Exynos 2200 processor, fabricated using a 4nm process, has Armv9 CPU cores and the oddly named Xclipse GPU, which is an adaptation of AMD's RDNA 2 mainstream GPU architecture.

    AMD was in the handheld GPU market until 2009, when it sold the Imageon GPU and handheld business for $65m to Qualcomm, which turned the tech into the Adreno GPU for its Snapdragon family. AMD's Imageon processors were used in devices from Motorola, Panasonic, Palm and others making Windows Mobile handsets.

    Continue reading
  • Big shock: Guy who fled political violence and became rich in tech now struggles to care about political violence

    'I recognize that I come across as lacking empathy,' billionaire VC admits

    Billionaire tech investor and ex-Facebook senior executive Chamath Palihapitiya was publicly blasted after he said nobody really cares about the reported human rights abuse of Uyghur Muslims in China.

    The blunt comments were made during the latest episode of All-In, a podcast in which Palihapitiya chats to investors and entrepreneurs Jason Calacanis, David Sacks, and David Friedberg about technology.

    The group were debating the Biden administration’s response to what's said to be China's crackdown of Uyghur Muslims when Palihapitiya interrupted and said: “Nobody cares about what’s happening to the Uyghurs, okay? ... I’m telling you a very hard ugly truth, okay? Of all the things that I care about … yes, it is below my line.”

    Continue reading

Biting the hand that feeds IT © 1998–2022