Researchers from Kaspersky Lab discovered a new operation utilizing DNS hijacking to distribute an upgraded version of the Wroba malware.
The malware which has been active in South Korea for years but has recently appeared in various European countries aims to trick visitors into visiting malicious landing pages where they can be exploited.
How Malware Got Spreaded Around
Researchers from Kaspersky described a new campaign originating with the Roaming Mantis gang, in which upgraded versions of the Wroba malware are being spread throughout numerous European countries.
The campaign initiates with smishing or DNS poisoning the target’s WiFi routers, which then leads the victim to a phishing website that contains the true payload. Researchers warn that phishing websites and apps can both be used to spread the proprietary malware known as Wroba.
Malware like Wroba has been mostly employed in South Korea and is capable of sucking the victim’s financial information for use by threat actors.
The malware’s creators have now expanded its operations to a number of European countries, according to researchers.
In the last few years, this malware has been propagated by smishing in the following countries: Japan, Austria, France, Germany, India, Malaysia, Taiwan, Turkey, and the United States. Wroba has a functional DNS changer that can identify specific routers by their model numbers and poison their DNS configurations.
The victim’s digital connections with anyone, regardless of the nature of those connections, are likewise vulnerable to exploitation.
“Users with infected Android devices that connect to free or public Wi-Fi networks may distribute the malware to other devices on the network if the Wi-Fi network they are connected to is vulnerable,” the researchers stated.
- Microsoft starts testing tabs in Notepad for Windows 11
- Data from KFC, Taco Bell, & Pizza Hut Got Stolen In Ransomware Attack
- Microsoft Investigates Bug Behind Unresponsive Windows Start Menu
- Microsoft Ending Support for Windows 7 & Windows 8 Versions
- AI Revolutionizing Windows User-Experience Comments Microsoft’s Windows Head
- Windows Error Reporting Tool Utilized By Hackers To Distribute Malware