Skip to main content
  1. Home
  2. Computing
  3. News

Porn, ads injected into Google Analytics code by new router malware

By
Ads Injected Via Hijacked Router DNS
A new variant of router malware has been discovered by Ara Labs, and it is designed to inject ads and pornography into websites. The malware modifies the router’s DNS settings to intercept Google Analytics tags and replace them with malicious content.
Recommended Videos

Because a number of websites use Google Analytics for traffic data, they are prime targets for a DNS attack. For the fraudsters, there’s plenty of potential for income – the attacker can sell ad spots to generate revenue. Assuming an individual infects numerous routers, this can result in a large sum of money.

Related

The malware variant is easily finding its way into routers due to the fact that many owners do not change their router’s login credentials. It can also send unauthenticated configuration requests to certain devices that are vulnerable to an attack.

Ara Labs has not specified which routers are being exploited at the moment.

This type of malware has been around for years, according to experts. There have been several reports published on DNS attacks, but they continue to be problematic.

When a hijack is successful, the DNS settings on the router are changed to point to a rogue DNS server controlled by the attacker. With this access, a fraudster can substitute a correct IP for the IP of a server that is under his or her control. This means that when you think you are visiting a certain domain, you may actually be connecting to a hacker’s server.

Proactive updates are the best protection – you should ensure that your router’s firmware is fully patched, and change your default credentials as soon as possible.

Editors’ Recommendations

Topics
Krystle Vermes
Krystle Vermes
Former Digital Trends Contributor
Krystle Vermes is a professional writer, blogger and podcaster with a background in both online and print journalism. Her…
New malware can steal your credit card details — and it’s spreading fast
An individual surrounded by several computers typing on a laptop.

A new, highly dangerous malware called "Erbium" has been making the rounds over the last couple of months, and it's highly likely that it will spread to new channels.

Erbium is an information-stealing tool that targets passwords, credit card information, cookies, cryptocurrency wallets, and more. Unfortunately, it's widely available, which means that it could be used in new ways in the future.

Read more
Hackers can now sneak malware into the GIFs you share
A video call in progress on Microsoft Teams.

How low will malware go to get onto your device? We thought using Minecraft to gain access to your computer was the most nefarious method hackers have produced, but there's a new, even lower type of attack that uses Microsoft Teams and GIFs to mount phishing attacks on your computer.

The new attack is called GIFShell and it installs malware on your computer to steal data. It does so by sneaking itself into innocent-looking GIFs and then waiting for you to share the GIF with your colleagues via Microsoft Teams.

Read more
Malware has a terrible new way to get to your computer
A villager looks at a sunset.

You've heard of malware spreading through spammy emails and mysterious links on strange websites. But now there's a new avenue of attack for bad actors to take -- and it's via Minecraft. Yes, you read it correctly. The open-world building game loved by seven-year-olds around the globe is quickly becoming a favorite method for spreading malware.

As reported by Bleeping Computer, Kaspersky Labs researched the phenomena from July 2021 until July 2022, and it found that in-game malware accounted for a significant amount of the malware that was spread in that time. Although there was a 30% drop in malware attacks in that year when compared to 2020, the amount of gaming-related malware actually increased. Minecraft on PC was the preferred vector.

Read more