New Android Malware Found
Security researchers at Kaspersky Labs have discovered a new malware that affects Android devices. Nikita Buchka wrote on a blog post, “Instead of attacking a user, it attacks the Wi-Fi network the user is connected to, or, to be precise, the wireless router that serves the network.”
The trojan deploys the brute-force attack to guess the password and access the device. Once the password is cracked it modifies the DNS server in the router, redirecting all traffic through their own servers and malicious websites.
What makes things really bad is, as Bucha explained, that instead of affecting users, the malware affects the entire network which means every user on that network is exposed. Kaspersky recommends checking the DNS settings of your router.
There are currently two versions of the app: one is a fake mobile client for Chinese search engine Baidu and the second one is about WiFi network. It’s the same old story where cybercriminals are offering malicious fake apps outside of official app stores. Always use the official apps stores. Anyone using official Google Play Store for app installation is safe.
The lesson here is: don’t install random apps from random websites.