Security flaws in Android no longer a novelty and have become something that is accepted almost "normal" form. This is not a perfect system, It is the most used and this allows greater exposure to security issues.
A new malware was discovered and, instead of dedicating to steal user data, prefers to attack the routers to which the user connects, changing the DNS you.
This new Android malware, It is called Switcher, It has a totally different approach than we have seen to date. It does not focus on the data of the users and not the operating system itself. Prefers to attack other network elements to which the smartphone is connected, looking as a preferred target Internet access routers, which tries to change the defined DNS servers.
When unable to do so, get more control over the remaining equipment and ensures a much greater impact, since all that bind to the infected network start using these new DNS servers.
With this attack works on Android
As we said before, the Switcher does not look at Android and prefer to use it as a means to reach the routers that provide access to Internet, propagating in wireless networks where Android binds. The idea of this malware is to change the defined DNS servers, going to use another, controlled by the attacker.
To get access to these routers, the switcher uses a brute force technique, trying to figure out the access data, drawing on the well known dictionaries.
After access routers can detect which equipment and changes, using javascript and web access, DNS servers defined. The brand routers that Switcher more demand is the TP-Link.
By achieving this change, is replaced by these servers defined for all devices that connect to the network, since most receive these servers via the DHCP service.
The end result will be the route of users to sites that have nothing to do with those that want, where they will receive unwanted advertising and even, most likely, new malware and virus infections.
What is known, this malware is being spread through a false application to search in Baidu and other dedicated to share access to wireless networks.
This is another reason to be extra careful and do not leave the equipment configured with passwords factory or simple passwords and easy to guess. So far there is still no solution to this problem.
You can read this news in full and in the original:https://pplware.sapo.pt/smartphones-tablets/android/malware-android-ignora-ataca-routers/