Security News > 2020 > April > Linksys forces password reset for Smart Wi-Fi accounts after router DNS hack pointed users at COVID-19 malware
Router biz Linksys has reset all its customers' Smart Wi-Fi account passwords after cybercrims accessed a bunch and redirected hapless users to COVID-19 themed malware.
Hackers with access to Linksys Smart Wi-Fi accounts were changing home routers' DNS server settings.
Jen Wei Warren, Linksys parent firm Belkin's global PR veep, told The Register that the original illicit access to customer routers through their cloud-hosted Smart Wi-Fi accounts was a successful credential-stuffing attempt using login details harvested from previous breaches elsewhere.
It said: "All Linksys Smart Wi-Fi accounts were locked at 8:00 pm PDT on April 2 because someone was logging in with email address and password combinations stolen from other websites."
We enforced a password change for all our Linksys Smart Wi-Fi Customers due to the recent COVID19 hacking.
News URL
Related news
- New Cuttlefish malware infects routers to monitor traffic for credentials (source)
- New Cuttlefish Malware Hijacks Router Connections, Sniffs for Cloud Credentials (source)
- New SOHO router malware aims for cloud accounts, internal company resources (source)
- Malware botnet bricked 600,000 routers in mysterious 2023 event (source)
- Malware botnet bricked 600,000 routers in mysterious 2023 attack (source)