Kaspersky Lab cybersecurity researchers bring flora a novel Android malware that is designed to deport on smartphones through a really uncomplicated in addition to efficient flim-flam based on domain cite organization (DNS) hijacking technique.
The malware is dubbed equally a Roaming Mantis, which is really active in addition to is used to bag all the of import credentials of the users. It provides attackers amount command over the compromised victim's device.
According to the investigation yesteryear Kaspersky Lab the malware target users inwards Asia amongst faux websites customized for English, Korean, Simplified Chinese in addition to Japanese. The users inwards Bangladesh, Japan, in addition to Republic of Korea are infected the most.
“Our query revealed that the malware (sic) contains Android application IDs for pop mobile banking in addition to game applications inwards South Korea. The malware is virtually prevalent inwards South Korea, in addition to Korean is the starting fourth dimension linguistic communication targeted inwards HTML in addition to test.dex. Based on our findings, it appears the malicious app was originally distributed to South Korean targets. Support was thence added for Traditional Chinese, English, in addition to Japanese, broadening its target base of operations inwards the Asian region.”
However, the researchers were unable to notice the method yesteryear which routers are compromised.
If the users DNS is successfully hijacked, thence access to whatever genuine website larn impossible in addition to it leads them to a URL that is forged amongst content coming from the attackers' server.
This includes the request: "To ameliorate sense the browsing, update to the latest chrome version".
Kaspersky Lab has recommended to a greater extent than or less of the ways yesteryear which you lot tin protect your mesh connectedness from this infection:
- Refer to your router's user manual to verify that your DNS settings haven't been tampered amongst or contact your Internet access provider for support.
- Change the default login in addition to password for the admin spider web interface of the router.
- Never install router firmware from third-party sources. Avoid using third-party repositories for your Android devices.
- Regularly update your router's firmware from the official source.
