Attacks On Linksys Routers Use Coronavirus Themes For Takeovers
By: Jim Stickley and Tina Davis
July 6, 2020
When was the last time you thought about your router’s health? According to security experts, there’s good reason to check your router settings and change its passwords right now. A coronavirus-themed malware has been circulating among Linksys or D-Link home Wi-Fi routers, so if you’re using one, it’s time to check under the hood–and quickly. Data from Bitdefender shows 73% of those most targeted with this info-stealing virus are the U.S., Germany, and France. That statistic also corresponds with these countries being among the most affected by coronavirus, increasing the likelihood this theme snares even more victims.
It’s believed hackers are taking over the routers with “brute force” attacks. These attacks are a trial-and-error way of cracking passwords using scripts or bots to do the work. They create countless combinations of passwords until one of them hits the jackpot and allows entry into the router. With a successful Linksys or D-Link router attack, a hacker changes the router domain name system (DNS) and internet protocol (IP) address. Once done, attackers redirect users to coronavirus-themed webpages they control, with the user completely unaware of the changes.
One attack uses a pop-up window with a message offering an app download from the World Health Organization (WHO), promising the latest coronavirus news. A user who downloads the app gets rerouted to info-stealing scam websites that heist passwords, credit card numbers, and more, also infecting the Windows device. So, before you click that “download” button, take the security steps the experts say can protect these routers and your devices from this info-stealing virus.
Router Safety
- Change your router passwords with strong and unique replacements, and never keep default passwords in place.
- Also change Linksys cloud account credentials including any router remote management accounts. That helps avoid future brute-force and credential stuffing efforts.
- Keep router firmware up to date by installing the latest upgrades from the manufacturer’s website only. It keeps hackers from exploiting unpatched vulnerabilities that can lead to a device take over.
- Install a security solution on devices that can help prevent phishing, fraudulent websites, and malware downloads from occurring.
- Use great caution with any coronavirus-themed message. During this pandemic, hackers are taking virus fears to a level they can easily exploit.
And for those who need a push, Linksys locked all their Smart Wi-Fi accounts, forcing users to reset passwords for those accounts.