Home » Tutorial Network » Tutorial Smartphone » Beware, Mantis Roaming Malware Includes Frequent Use of Free Wi-Fi
Beware, Mantis Roaming Malware Includes Frequent Use of Free Wi-Fi
Do you often use public Wi-Fi (free)? If so, you should start to be careful from now on. Kaspersky recently conducted a study that revealed that public Wi-Fi was at risk of 'transmitting' malicious malware called Roaming Mantis.
The workings of this malware even fairly easy as snapping fingers. He attacked the victim's smartphone by infiltrating the router.
When smartpone is connected to a public Wi-Fi network router that is already infected, the malware will immediately paralyze the victim's smartphone.
According to Kaspersky Lab which has been summarized on Saturday (5/5/2018), malware works quickly and can steal user information from its Android smartphone.
Kaspersky researchers claim, the party behind the cyber attack aims to scavenge the financial benefits of this threatening mode.
Furthermore, Kaspersky explains hackers can look for weak routers with security holes. From there, they will distribute the malware through the trick by hijacking DNS from the attacked router. Unfortunately, the method of attacking the router is still unknown.
Once the DNS is hijacked, when accessing the website, the victim will be redirected to a link that appears to be genuine with fake content from the attacker's server.
The assumption as long as the browser displays the original URL will definitely make the user believe that the site he visited is also genuine.
From there, the victim will display the words "For a better browsing experience, update your Chrome version immediately".
Believing, the victim will click on the link that triggers the installation of a Trojan app under the name 'facebook apk' or 'chrome apk' which becomes the 'gate' of Malider Roaming Mantis opening.
Suguru Ishimaru, Security Researcher of Kaspersky Lab Japan, claims Roaming Mantis as an active and even rapidly growing threat.
Therefore, Kaspersky announced the findings now, rather than waiting for his side to get all the answers.
"There is a certain motivation for this attack, so we feel it is necessary to notify organizations and individuals of this threat The use of compromised routers and hijacked DNS shows the need for strong device protection and secure connection usage," Ishimaru said.
Kaspersky also revealed it has detected the spread of malware in more than 150 networks located mostly in South Korea, Bangladesh, and Japan in February-April 2018.
The company's analysis also proves there have been thousands of connections to the attack server on a daily basis, showing the possibility of a larger attack.
In addition, the research also shows some malware code that leads to mobile banking applications and ID of popular mobile app games. These indications suggest a motive for taking large financial gains.
Disclaimer: Images, Content of articles or videos that exist on the web sometimes come from various sources of other media. Copyright is fully owned by the source. If there is a problem with this matter, you can contact us here.