Why attack one system when you can enter inside an entire network and control every device linked to it? That is the motto ‘Switcher’ malware. It is the newest Android Trojan threat these days. It uses naive Android devices as tools to forward all net traffic from Wi-Fi connected devices on a given bandwidth to one owned by a hacker, putting those devices straight into the hands of attackers.

This malware variant initiates its attack by first infecting a naive phone by hiding itself as a mobile app. Two hiding technique have been seen in use so far: one in which the malware hide itself as an app for the search engine, and another where it displays within an app that locates and shares Wi-Fi details. Once in, it then achieves brute-force attacks on the router it’s linked to in an attempt to get its password. If it gets inside easily, the malware alters the addresses of the DNS server. DNS is an Internet service that converts domain names into IP addresses in the router’s settings. This router then reroutes all DNS movement from devices in the attacked Wi-Fi network to the servers of the hackers. This attack is technically refereed as DNS hijacking.

If a hacker can hijack a DNS server, all devices linked to it like the mobile phone and PC connected to your home Wi-Fi network will seemly interact with the hacker server, making them openly inclined to attack. Meaning, any device linked to that network at any time could be compromised, leaving a good amount of personal data susceptible.

The important point here to know is that only 1,250 Wi-Fi networks have fallen prey to the attack. The bad news though, is that even if the attack is noticed, it can be tough to eradicate the infection, thanks to backup servers hackers may have in place.

So how precisely is this attack promising? Two words: predefined credentials. The ‘Switcher’ malware is said to flourish in its early penetration by using a long, predefined list of password and login probabilities a task which is made quite simple if the router uses easily penetrated predefined authorizations.

So, what can you do to stay secure against router-based attacks like these? First off, it’s important to change predefined router passwords so your network and all devices linked to it aren’t vulnerable to attack. Remember: if hackers can get into a router, it’s like giving them the authorization to your whole, connected territory of devices. Here are a few additional tips for not allowing a DNS hijacking attack, to keep in you safe area: