Security News > 2020 > April > Linksys forces password reset for Smart Wi-Fi accounts after router DNS hack pointed users at COVID-19 malware
Router biz Linksys has reset all its customers' Smart Wi-Fi account passwords after cybercrims accessed a bunch and redirected hapless users to COVID-19 themed malware.
Hackers with access to Linksys Smart Wi-Fi accounts were changing home routers' DNS server settings.
Jen Wei Warren, Linksys parent firm Belkin's global PR veep, told The Register that the original illicit access to customer routers through their cloud-hosted Smart Wi-Fi accounts was a successful credential-stuffing attempt using login details harvested from previous breaches elsewhere.
It said: "All Linksys Smart Wi-Fi accounts were locked at 8:00 pm PDT on April 2 because someone was logging in with email address and password combinations stolen from other websites."
We enforced a password change for all our Linksys Smart Wi-Fi Customers due to the recent COVID19 hacking.
News URL
Related news
- Lotus Panda Hacks SE Asian Governments With Browser Stealers and Sideloaded Malware (source)
- ⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors (source)
- iClicker site hack targeted students with malware via fake CAPTCHA (source)
- Hazy Hawk Exploits DNS Records to Hijack CDC, Corporate Domains for Malware Delivery (source)
- Botnet hacks 9,000+ ASUS routers to add persistent SSH backdoor (source)