Cybercriminals Hijack Router DNS to Distribute Android Banking Trojan

Security researchers have identified a malware campaign designed to hijack DNS settings on poorly secured and vulnerable routers to inject rogue ads on web pages, redirect users to phishing pages, and distribute Android banking malware Roaming Mantis.  The malware steals users’ sensitive information, login credentials, bank account details, and two-factor authentication codes.  To protect against attacks such as this, routers should have trusted DNS servers hard coded, they should run the latest version of firmware, be protected with strong passwords, and remote administration should be disabled.

Relevant URL(s): https://thehackernews.com/2018/04/android-dns-hijack-malware.html