Roaming Mantis Spreading Mobile Malware That Hijacks Wi-Fi Routers DNS Settings


Threat actors connected to the Roaming Mantis attack campaign have been seen distributing an enhanced version of their patented mobile malware called Wroba in order to compromise Wi-Fi routers and perform DNS hijacking. The functionality is intended to specifically target South Korean Wi-Fi routers, according to Kaspersky, which conducted an investigation of the malicious artefact. Roaming Mantis, also known as Shaoye, is a long-running, profit-driven organisation that targets Android smartphone users with malware that may steal bank account credentials and gather other sorts of private data.

Read More…