Wed, Apr 26, 2017 | updated 03:39 AM IST

Switcher Trojan: Android joins 'attack-the-router' club

Updated: Dec 29, 2016 12:11 IST      
Switcher Trojan: Android joins 'attack-the-router' club

New Delhi [India], Dec.29 (ANI): Kaspersky Lab experts have uncovered a remarkable evolution in Android OS malware: the Switcher Trojan. It treats unsuspecting Android device users as tools to infect Wi-Fi routers, changing the routers' DNS settings and redirecting traffic from devices connected to the network to websites controlled by the attackers, leaving users vulnerable to phishing, malware and adware attacks and more. The attackers claim to have successfully infiltrated 1,280 wireless networks so far, mainly in China.

Domain Name Servers (DNS) turn a readable web address such as 'x.com' into the numerical IP address required for communications between computers. The ability of the Switcher Trojan to hijack this process gives the attackers almost complete control over network activity which uses the name-resolving system, such as internet traffic. The approach works because wireless routers generally reconfigure the DNS settings of all devices on the network to their own - thereby forcing everyone to use the same rogue DNS.

The infection is spread by users downloading one of two versions of the Android Trojan from a website created by the attackers. The first version is disguised as an Android client of the Chinese search engine, Baidu, and the other is a well-made fake version of a popular Chinese app for sharing information about Wi-Fi networks: WiFi????.

When an infected device connects to a wireless network, the Trojan attacks the router and tries to brute-force its way to the web admin interface by guessing the password, relying on a long, predefined list of password and login combinations. If the attempt is successful, the Trojan exchanges the existing DNS server for a rogue one controlled by the cybercriminals, and also a secondary DNS, to ensure ongoing stability if the rogue DNS goes down.

The attackers have built a website to promote and distribute the Trojanized Wi-Fi app to users. The web server that hosts this site doubles as the malware authors' command-and-control (C&C) server. Internal infection statistics spotted on an open part of this website reveal the attackers' claims to have compromised 1,280 websites - potentially exposing all the devices connected to them to further attack and infection.

"The Switcher Trojan marks a dangerous new trend in attacks on connected devices and networks. It does not attack users directly. Instead, it turns them into unwilling accomplices: physically moving sources of infection. The Trojan targets the entire network, exposing all its users, whether individuals or businesses, to a wide range of attacks - from phishing to secondary infection. A successful attack can be hard to detect and even harder to shift: the new settings can survive a router reboot, and even if the rogue DNS is disabled, the secondary DNS server is on hand to carry on. Protecting devices is as important as ever, but in a connected world we cannot afford to overlook the vulnerability of routers and Wi-Fi networks," said Nikita Buchka, mobile security expert, Kaspersky Lab.

The company recommends that all users check their DNS settings and search for the following rogue DNS servers:

• 101.200.147.153

• 112.33.13.11

• 120.76.249.59

If you have one of these servers in your DNS settings, contact your ISP support or alert the owner of the Wi-Fi network. Kaspersky Lab also strongly advises users to change the default login and password to the admin web interface of your router to prevent such attacks in the future. (ANI)

New Delhi [India], Apr 25 (ANI): SaaS cloud platform to manage hotels sales, revenue, operations and online reputation DJUBO on Tuesday announced a rapid adoption among hoteliers with a four-fold increase in its revenues, doubling occupancy, boosting ARRs by over 50 percent, and more.

Full Story >>

New Delhi [India], Apr 25 (ANI): Mobile application that allows users to personalize conversation in real-time on any platform Bobble Keyboard on Tuesday announced that it has partnered with Zen Mobile.

Full Story >>

Google's new features empower Indian language consumer base

Updated: Apr 25, 2017 14:13 IST     

New Delhi [India], Apr 25 (ANI): Aiming to cater to the needs of one and all, Google on Tuesday announced the launch of a range of new features to empower Indian language users to adapt to latest technology within the comfort zone provided by the language of their choice.

Full Story >>

New Delhi [India], Apr 24 (ANI): Accenture on Monday announced the launch of its new platform for automated, analytics-driven software testing, after successfully completing pilots with 10 clients around the world.

Full Story >>

HTC announces VIVE product launch in India

Updated: Apr 22, 2017 12:23 IST     

New Delhi [India], Apr 22 (ANI-NewsVoir): Pioneer in innovative, smart mobile and virtual reality technologies HTC Corporation has announced the launch of their virtual reality system, HTC VIVE™ making it the first complete VR system available to customers in the India market. VIVE will be available exclusively on Amazon.in via pre-order from April 22nd, 2017.

Full Story >>

Google marks Earth Day with its Doodle

Updated: Apr 22, 2017 08:59 IST     

New Delhi [India], Apr. 22 (ANI): The Earth is more than 4.543 billion years old, home to more than 8.7 million species, and still the only known planet in the universe known to harbour life, reads Google's blog today.

Full Story >>

Softbank to deploy Ericsson Radio Dot System across Japan

Updated: Apr 22, 2017 02:09 IST     

New Delhi [India], Apr 22 (ANI): Following more than two years of verification and testing, SoftBank Corp., a subsidiary of SoftBank Group Corp. on Friday announced its decision to deploy the Ericsson Radio Dot System across Japan to deliver premium indoor connectivity to its subscribers.

Full Story >>

New Delhi [India], Apr 21 (ANI): The mobile division of Magicon Impex Jivi Mobiles on Friday announced its portfolio expansion of feature phones as it launched 'Sumo T3000' at Rs. 1490 in India.

Full Story >>

Televisa selects Ericsson for HD delivery

Updated: Apr 21, 2017 18:45 IST     

New Delhi [India], Apr 21 (ANI): Ericsson on Friday announced implementation of a new end-to-end primary distribution system for Televisa, Mexico's leading broadcaster and content provider.

Full Story >>

New Delhi [India], Apr 21 (ANI): OMA Emirates Group UAE's leading payments solutions company on Friday introduced Mobility - a comprehensive range of Smart mPoS terminals in India.

Full Story >>

Hubhopper app adjudged Problem Solver for 2017

Updated: Apr 21, 2017 15:09 IST     

New Delhi [India], April 21 (ANI): Hubhopper, one of India's leading social content aggregation, discovery and publishing platforms has been adjudged 'Problem Solver of the year' by TiE and Exhibit and ranked second amongst the Hottest 100 Start-ups in India.

Full Story >>

Bobble Keyboard partners with Gionee India for growth

Updated: Apr 20, 2017 13:49 IST     

New Delhi [India], Apr 20 (ANI): Mobile application that allows users to personalize conversation in real-time on any platform Bobble Keyboard has announced that it has partnered with Gionee India.

Full Story >>

ZOWIE announces association with ESL India Premiership 2017

Updated: Apr 20, 2017 13:29 IST     

New Delhi [India], Apr 20 (ANI): BenQ ZOWIE, a leading innovator of professional gaming gear and monitors, announced today its association with ESL India Premiership 2017, the second edition of the biggest esports event in the country.

Full Story >>

New Delhi [India], Apr 20 (ANI): While people claim to value their memories more than any other form of data stored on their digital devices, they are happy to sell them for little money, research by Kaspersky Lab shows.

Full Story >>

Ericsson partners with Lynk & Co to enhance car connectivity

Updated: Apr 20, 2017 07:10 IST     

New Delhi [India], Apr 20 (ANI): Communications technology and services leader Ericsson on Wednesday partnered with Lynk & Co, the world's 'most connected car' to enhance the future of car connectivity.

Full Story >>

New Delhi [India], Apr 19 (ANI): India's first 100 percent fibre broadband service provider Spectranet on Wednesday announced the launch of its world-class internet services in Noida.

Full Story >>

New Delhi [India], Apr 18 (ANI-NewsVoir): SAS, the leader in business analytics software and services will be hosting India's largest analytics forum - SAS Forum India 2017. Now in its seventh year, the forum will be held on Wednesday, April 26, 2017 at The Grand Hyatt in Mumbai.

Full Story >>

Kaspersky lab extends its Big Bounty Program

Updated: Apr 18, 2017 17:58 IST     

New Delhi [India], Apr 18 (ANI): Extending its support to qualified individuals and organizations to submit reports on vulnerabilities and bugs found in its products, Kaspersky Lab has announced the extension of its Bug Bounty Program.

Full Story >>

Gupshup launches bot-to-bot communication platform 'InterBot'

Updated: Apr 18, 2017 13:28 IST     

New Delhi [India], Apr 18 (ANI): Leading bot platform Gupshup on Monday announced the launch of InterBot, a first of its type bot-to-bot communication platform aiming to revolutionise botkind.

Full Story >>

New Delhi [India], Apr 18 (ANI): Nine out of 10 customers switch brands due to an unsatisfactory digital experience, revealed a report published on Monday by SAP, a leader in enterprise application software.

Full Story >>