Mobile Malware Infects Routers
Posted by: Timothy Weaver on 04/11/2016 03:09 PM
[
Comments
]
Researchers at Trend Micro have come across a piece of JavaScript malware that is capable of changing the DNS settings of home routers from mobile devices.
While the malware includes code for targeting the products of several top router manufacturers, including D-Link and TP-Link, Trend Micro says most of the code has been commented out. For the time being, only the ZTE modem exploit appears to be active and it only works if the malware is executed from a mobile device.
The malware can also be used to infect a desk top computer, but the infection chain is different.
Trend Micro’s Chisato Rokumiya explained: “Cybercriminals behind this incident employ evasive mechanism to go off the radar and continue its attack without rousing any suspicion from affected users. Such tactics include regularly updating the JavaScript codes to fix errors and constantly changing targeted home routers."
Source: Security Week
While the malware includes code for targeting the products of several top router manufacturers, including D-Link and TP-Link, Trend Micro says most of the code has been commented out. For the time being, only the ZTE modem exploit appears to be active and it only works if the malware is executed from a mobile device.
The malware can also be used to infect a desk top computer, but the infection chain is different.
Trend Micro’s Chisato Rokumiya explained: “Cybercriminals behind this incident employ evasive mechanism to go off the radar and continue its attack without rousing any suspicion from affected users. Such tactics include regularly updating the JavaScript codes to fix errors and constantly changing targeted home routers."
Source: Security Week
Comments
