Fri, Mar 24, 2017 | updated 07:44 AM IST

Switcher Trojan: Android joins 'attack-the-router' club

Updated: Dec 29, 2016 12:11 IST

New Delhi [India], Dec.29 (ANI): Kaspersky Lab experts have uncovered a remarkable evolution in Android OS malware: the Switcher Trojan. It treats unsuspecting Android device users as tools to infect Wi-Fi routers, changing the routers' DNS settings and redirecting traffic from devices connected to the network to websites controlled by the attackers, leaving users vulnerable to phishing, malware and adware attacks and more. The attackers claim to have successfully infiltrated 1,280 wireless networks so far, mainly in China.

Domain Name Servers (DNS) turn a readable web address such as 'x.com' into the numerical IP address required for communications between computers. The ability of the Switcher Trojan to hijack this process gives the attackers almost complete control over network activity which uses the name-resolving system, such as internet traffic. The approach works because wireless routers generally reconfigure the DNS settings of all devices on the network to their own - thereby forcing everyone to use the same rogue DNS.

The infection is spread by users downloading one of two versions of the Android Trojan from a website created by the attackers. The first version is disguised as an Android client of the Chinese search engine, Baidu, and the other is a well-made fake version of a popular Chinese app for sharing information about Wi-Fi networks: WiFi????.

When an infected device connects to a wireless network, the Trojan attacks the router and tries to brute-force its way to the web admin interface by guessing the password, relying on a long, predefined list of password and login combinations. If the attempt is successful, the Trojan exchanges the existing DNS server for a rogue one controlled by the cybercriminals, and also a secondary DNS, to ensure ongoing stability if the rogue DNS goes down.

The attackers have built a website to promote and distribute the Trojanized Wi-Fi app to users. The web server that hosts this site doubles as the malware authors' command-and-control (C&C) server. Internal infection statistics spotted on an open part of this website reveal the attackers' claims to have compromised 1,280 websites - potentially exposing all the devices connected to them to further attack and infection.

"The Switcher Trojan marks a dangerous new trend in attacks on connected devices and networks. It does not attack users directly. Instead, it turns them into unwilling accomplices: physically moving sources of infection. The Trojan targets the entire network, exposing all its users, whether individuals or businesses, to a wide range of attacks - from phishing to secondary infection. A successful attack can be hard to detect and even harder to shift: the new settings can survive a router reboot, and even if the rogue DNS is disabled, the secondary DNS server is on hand to carry on. Protecting devices is as important as ever, but in a connected world we cannot afford to overlook the vulnerability of routers and Wi-Fi networks," said Nikita Buchka, mobile security expert, Kaspersky Lab.

The company recommends that all users check their DNS settings and search for the following rogue DNS servers:

• 101.200.147.153

• 112.33.13.11

• 120.76.249.59

If you have one of these servers in your DNS settings, contact your ISP support or alert the owner of the Wi-Fi network. Kaspersky Lab also strongly advises users to change the default login and password to the admin web interface of your router to prevent such attacks in the future. (ANI)

New Delhi [India], Mar 23 (ANI): Nokia on Thursday announced the completion of the first pre-standard testing of 600MHz on commercially-available hardware, creating a test bed for terminal ecosystem development and availability.

Full Story >>

New Delhi [India], Mar. 23 (ANI): In keeping with Prime Minister Narendra Modi's vision of a 'New India', Google India and the Ministry of Electronics and Information Technology (MEITY) announced a set of initiatives aimed at empowering citizens and creating abundant opportunities for all.

Full Story >>

New Delhi [India], Mar 23 (ANI): World leader in digital security Gemalto on Thursday announced that Microsoft Azure Information Protection customers can now take advantage of the new "Hold Your Own Key" (HYOK) functionality using Gemalto's SafeNet Luna Hardware Security Modules (HSMs).

Full Story >>

New Delhi [India], Mar 23 (ANI): IBM on Thursday announced a strategic partnership to offer 'RetailSmart', an end-to-end fully integrated solution that will enable local 'Kirana' (unorganized) stores to become ecommerce ready.

Full Story >>

New Delhi [India], Mar 23 (ANI): "Where are you now?" and "What's your ETA?" Whether you're heading to a party or meeting up for dinner, you probably hear questions like this pretty often from family and friends. Soon Google Maps users worldwide will be able to answer those questions in just a few taps, without ever leaving the app.

Full Story >>

Build your brand through Snapchat!

Updated: Mar 23, 2017 12:38 IST

New Delhi [India], Mar. 23 (ANI): Oh Snap! Aren't you on Snapchat yet?

Full Story >>

New Delhi [India], Mar 22 (ANI): In the dynamic economic environment in India, businesses should focus on not just providing a good value for money product, but an equally excellent customer service experience to attract and retain customers. According to the findings of the American Express® 2017 Global Customer Service Barometer released today, 84 percent Indian consumers say the quality of customer service is very important when they're deciding to become or remain a customer.

Full Story >>

New Delhi [India], Mar.22 (ANI): Starting an online business is by no means an easy undertaking.

Full Story >>

New Delhi [India], Mar. 21 (ANI): Industry's broadest and most integrated public cloud Oracle has announced that an increasing number of global enterprises, SMBs, and ISVs are choosing the Oracle Cloud Platform to speed innovation, simplify IT, reduce costs, and deliver stellar customer experiences to easily develop, test, and deploy high-performance applications in the cloud.

Full Story >>

New Delhi [India], Mar. 21 (ANI): IBM and Red Hat, Inc. On Tuesday announced a strategic collaboration designed to help enterprises benefit from the OpenStack platform's speed and economics while more easily extending their existing Red Hat virtualized and cloud workloads to the IBM Private Cloud.

Full Story >>

New Delhi/ Bengaluru [India], Mar. 21 (ANI) LeEco has announced its exclusive partnership with Amazon, for its newly launched globally acclaimed, next generation ecotvs in India. To kick-start the partnership and incentivize consumers, several great offers have been extended which are proving to be a big hit.

Full Story >>

New Delhi [India], Mar. 21 (ANI): More than 99 percent of all malware designed for mobile devices targets Android devices, explained Olaf Pursche, Head of Communications at AV-TEST, in the F-Secure State of Cyber Security 2017.

Full Story >>

NEC joins FIWARE Foundation as platinum member

Updated: Mar 21, 2017 12:01 IST

Tokyo [Japan], Mar. 21 (ANI): NEC Corporation (NEC; TSE: 6701) has announced that it has joined the FIWARE Foundation e.V., a non-profit organization promoting the dissemination of FIWARE technology (*1), as a platinum member. NEC is the first and only Japanese company to join the foundation.

Full Story >>

Dusseldorf /Tokyo [Japan], Mar. 21 (ANI): NEC Corporation (NEC; TSE: 6701) has announced that NEC Deutschland GmbH has delivered a supercomputer utilizing NEC's scale-out LX series compute servers featuring the new Intel® Xeon® E5-2600 v4 product family, to RWTH Aachen University, one of 11 "Universities of Excellence" in Germany, offering high performance computing services for engineering and scientific research.

Full Story >>

New Delhi [India], Mar 20 (ANI): HTC Corporation, a leading innovator in mobile and virtual reality technology has announced the launch of HTC Sense Companion on its recently launched flagship smartphones HTC U Ultra and HTC U Play.

Full Story >>

New Delhi [India], Mar. 20 (ANI): The advent of smartphones within the country has brought about a paradigm change in the lifestyles of Indian consumers. But with the rise in online transactions, mobile-based banking, and the amount of personal data stored on mobile devices, there have also emerged serious questions about the security aspect. It is to address these qualms and to make mobile usage more secure for its end-users that very few brands have integrated iris scanners in their smartphones.

Full Story >>

New Delhi [India], Mar 20 (ANI): Digital clutter is growing due to an explosion in application usage and advances in the storage capacity of devices. But poor maintenance of these apps is leaving devices vulnerable to security threats. A new report by Kaspersky Lab reveals the scale of the digital clutter problem among Internet users worldwide.

Full Story >>

New Delhi [India], Mar. 20 (ANI): Studies in the recent past have shown how prone people in their 50s are to an array of health-related issues, ranging from the common cold to a cardiac arrest. The quinquagenarian phase thus demands constant monitoring and medical check-ups.

Full Story >>

New Delhi [India], Mar. 19 (ANI): Global premium smartphone Vivo announced the launch of its latest Vivo Y66 in India. Packaged with exciting features, the device is designed in line with Vivo's commitment to redefining the perfect selfie experience and it falls into their affordable segment of smartphones.

Full Story >>

New Delhi [India], Mar 18 (ANI): Global internet and technology company LeEco on Saturday unveiled its next generation of ecotvs in India with the stunning Super4 Series including models Super4 X40, Super4 X43 Pro and Super4 X50 Pro.

Full Story >>