Roaming Mantis Spreading Mobile Malware That Hijacks Wi-Fi Routers DNS Settings

20-Jan-23

Threat actors connected to the Roaming Mantis attack campaign have been seen distributing an enhanced version of their patented mobile malware called Wroba in order to compromise Wi-Fi routers and perform DNS hijacking. The functionality is intended to specifically target South Korean Wi-Fi routers, according to Kaspersky, which conducted an investigation of the malicious artefact. Roaming Mantis, also known as Shaoye, is a long-running, profit-driven organisation that targets Android smartphone users with malware that may steal bank account credentials and gather other sorts of private data.

Read More…