Watch Out! This Android Malware Hijacks Your Router
Nasty Trojan pretends to be Android search app, but really wants to take over your home Wi-Fi router.
A nasty new Android Trojan isn't targeting your smartphone, but your home Wi-Fi router instead.
The malware, spotted by Kaspersky Lab researchers late last month and dubbed Switcher, pretends to be either of two legitimate Chinese-language Android apps — one for the Baidu search engine, and the other a common app for sharing Wi-Fi network details.
Once installed on an Android phone, Switcher will bombard the user's Wi-Fi router with a laundry list of default administrative passwords, then change the router's settings if it gets in.
MORE: Best Android Antivirus Apps
North American users may not have to worry yet, as Switcher lives in off-road app markets catering to mainland Chinese customers. (The Google Play store is restricted in the People's Republic, and many users there install apps from dodgy sources.) But we've seen new attack methods spread from China to other parts of the world before.
According to a document spotted by Kaspersky researchers on the Switcher command-and-control website, nearly 1,300 home Wi-Fi networks in China have already fallen victim to Switcher.
To make sure you're not infected by this malware, go into your Android settings menu, select Security and make sure Unknown Sources is toggled off. That way, you won't be able to install any app from outside the Google Play store. All Android users should also consider running Android antivirus software, as even Google Play isn't immune from malicious apps.
Sign up to get the BEST of Tom's Guide direct to your inbox.
Here at Tom’s Guide our expert editors are committed to bringing you the best news, reviews and guides to help you stay informed and ahead of the curve!
However, none of that will protect your home Wi-Fi router, which may still be using the default admin credentials. Dig out your router instruction manual, log into the administrative screen and make sure the administrative username and password are something you came up with, not something that was set at the factory.
While you're at it, check to see whether any firmware updates are available for your router. You may have to download something to a PC, then upload it to the router, but even if so, your resulting peace of mind will be well worth the effort.
What's so bad about changing a router's settings? Put it this way: He who controls the router controls the network. A bad guy in charge of your will be able to hijack your entire internet experience, from stealing your personal information to sending you to malicious websites.
Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the information-security space for more than 15 years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even moderated a panel discussion at the CEDIA home-technology conference. You can follow his rants on Twitter at @snd_wagenseil.