Updated: May 21, 2020
Cybercriminals are conducting attacks on home and small business routers in attempts to redirect users to fraudulent COVID-19-themed pop-up messages that plant information-stealing malware on their computers.
Global cybersecurity company Bitdefender reports hackers are using brute-force methods to guess the names and passwords of routers so they can change the domain network settings. With the settings changed, a user visiting certain sites will instead be redirected to sites controlled by the hacker. From here, they are sent pop-ups mimicking those from public health organizations such as the CDC or WHO, and prompted to download legitimate-looking COVID-19-related software. Clicking the download leads to information-stealing software being planted on your computer, putting personal information at risk.
BBB recommends the following tips to stay safe from these attacks:
Make sure your router’s firmware is up-to-date. Firmware is the software program or set of instructions programmed into a device. Ensuring it’s updated prevents hackers from exploiting any vulnerabilities in the device.
Change your router’s login information, on your computer and in the cloud if necessary.
Make sure your computer’s security software is installed and updated. This increases the likelihood that you will be alerted when visiting fraudulent websites, and/or installing malware.