Roaming Mantis Spreading Mobile Malware That Hijacks Wi-Fi Routers' DNS Settings

Threat actors associated with the Roaming Mantis attack campaign have been observed delivering an updated variant of their patent mobile malware known as Wroba to infiltrate Wi-Fi routers and undertake Domain Name System (DNS) hijacking.
Kaspersky, which carried out an analysis of the malicious artifact, said the feature is designed to target specific Wi-Fi routers located in South Korea.

analysis attack campaign dns domain domain name hijacking kaspersky korea malicious malware mantis mobile mobile malware name patent roaming mantis routers settings south south korea system target threat threat actors wi-fi