Security News > 2020 > April > Linksys forces password reset for Smart Wi-Fi accounts after router DNS hack pointed users at COVID-19 malware
Router biz Linksys has reset all its customers' Smart Wi-Fi account passwords after cybercrims accessed a bunch and redirected hapless users to COVID-19 themed malware.
Hackers with access to Linksys Smart Wi-Fi accounts were changing home routers' DNS server settings.
Jen Wei Warren, Linksys parent firm Belkin's global PR veep, told The Register that the original illicit access to customer routers through their cloud-hosted Smart Wi-Fi accounts was a successful credential-stuffing attempt using login details harvested from previous breaches elsewhere.
It said: "All Linksys Smart Wi-Fi accounts were locked at 8:00 pm PDT on April 2 because someone was logging in with email address and password combinations stolen from other websites."
We enforced a password change for all our Linksys Smart Wi-Fi Customers due to the recent COVID19 hacking.
News URL
Related news
- Custom "Pygmy Goat" malware used in Sophos Firewall hack on govt network (source)
- Malware Campaign Uses Ethereum Smart Contracts to Control npm Typosquat Packages (source)
- Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries (source)
- Hackers Leveraging Cloudflare Tunnels, DNS Fast-Flux to Hide GammaDrop Malware (source)
- ZLoader Malware Returns With DNS Tunneling to Stealthily Mask C2 Comms (source)
- Juniper warns of Mirai botnet targeting Session Smart routers (source)
- Juniper warns of Mirai botnet scanning for Session Smart routers (source)