A new variant of malware that affects internet routers and Google Analytics has been discovered. The new router malware is designed to inject questionable ads and pornography into the websites you visit. The new malware modifies the affected router’s DNS settings in order to target and intercept Google Analytics codes and replace them with new malicious code.
It’s assumed that most websites use Google Analytics to record traffic and search engine data for their websites. This makes websites that have Google Analytics code injected easy to manipulate. Websites that use the free Google service are prime targets for a DNS attack.
DNS malware has actually been around for years. But, this new malware is different as it takes advantage of websites that use Google Analytics and those who use specific internet routers.
Whats the purpose of this new router malware?
For the cyber criminals, there’s plenty of room for income. They can easily sell advertising spots and gain a large amount of advertisers to participate in this malvertising scam. This can result in a large sum of money for both the advertisers and the malware developers.
The variant of this malware has been reported to easily find its way into routers from automatic web attacks due to the fact that many owners do not change their router’s login credentials after visiting a compromised webpage. There is some sort of connection to this adware and internet routers. However, it has not been specified which routers are being exploited by this new malware at the moment.
When a DNS hijack is successful, the DNS settings on the affected router are corrupted and will point to a rogue DNS server controlled by the attacker, where they can substitute a correct IP for the IP of a server that is under their control. When this happens, you may visit websites online, but actually be connected to a hacker’s server.
The best way to protect against this new router malware is to use Antivirus and/or Anti-Malware software with real-time protection, such as Malwarebytes Anti-Malware. Also, ensure that your router’s firmware is fully patched, change your default router credentials, and routinely change your router’s password.
Leave a Comment