The issue became apparent when the company's employee saw repeated ads of instructions in his browser to download COVID-19 related apps. These apps were malware samples.
Linksys Router Attacks Timeline
Bitdefender was the first to report these attacks in late March. It revealed that there was a malicious payload stored in a bit bucket.
The security firm said that the attack was meant for the Linksys router. The attackers aimed to hack the routers and change their DNS and IP addresses so that they could direct the users with Oski Infostealer.
The attacks supposedly began on March 18, 2020, and had caught over a thousand victims within the first week.
By the end of the March, Linksys posted information about the hacking attack and requested the users to change their password.
What is Linksys Doing?
The company stated that they analyzed their cloud traffic patterns and found a coordinated effort to access and modify Linksys Smart Wi-Fi Accounts maliciously. The attackers had used credentials stolen from other websites. However, Linksys has taken additional security steps in the Cloud to fight these malware attacks, out of an excess of attention, Linksys asked the Smart Wi-Fi users to reset their passwords.
The company also informed its users that there would be a request to change your password in the next login, and they should also check the DNS settings of their router to ensure that their anti-malware and antivirus protection is up to date.
The company also decided to lock all Linksys accounts to contain the intrusion.
The company also stated that when users change the password, the company will check the user's router's DNS settings, which were the targets of this attack. Linksys has promised to fix the issues for its users. For Linksys users, it is recommended that they restart their computers and mobile devices, which were connected to the Linksys network.
The company also warned that if the user's browser has shown instructions for downloading COVID-19 related apps, any successful app download by the users has made their device infected by malware.
Linksys is taking preventive measures to ensure the security of routers for its users. Meanwhile, users are recommended to change their passwords, avoid downloading any app from the router adds, and restart their devices.