{"id":27811,"date":"2019-07-12T19:14:00","date_gmt":"2019-07-12T19:14:00","guid":{"rendered":"http:\/\/4f3ead29-434a-4e0a-a118-54bdc357e9ae"},"modified":"2019-07-12T19:14:00","modified_gmt":"2019-07-12T19:14:00","slug":"brazil-is-at-the-forefront-of-a-new-type-of-router-attack","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack\/","title":{"rendered":"Brazil is at the forefront of a new type of router attack"},"content":{"rendered":"<p><span class=\"img aspect-set\"><img decoding=\"async\" src=\"https:\/\/zdnet3.cbsistatic.com\/hub\/i\/2018\/09\/30\/680d9fab-0c98-4f2a-aaf8-18976e31732d\/59a16c65149c3886110608ac06af1774\/ghostdns.png\" class alt=\"ghostdns.png\"><\/span><\/p>\n<p>For nearly a year, Brazilian users have been targeted with a new type of router attack that has not been seen anywhere else in the world.<\/p>\n<p>The attacks are nearly invisible to end users and can have disastrous consequences, having the ability to lead to direct financial losses for hacked users.<\/p>\n<p>What&#8217;s currently happening to routers in Brazil should be a warning sign for users and ISPs from all over the world, who should take precautions to secure devices before the attacks observed in South American country spread to them as well.<\/p>\n<h3>Router DNS-changing attacks<\/h3>\n<p>The attacks targeting routers in Brazil started last summer and were first observed by cyber-security firm <a href=\"https:\/\/blog.radware.com\/security\/2018\/08\/iot-hackers-trick-brazilian-bank-customers\/\" target=\"_blank\" rel=\"noopener noreferrer\">Radware<\/a>, and a month later by security researchers from <a href=\"https:\/\/blog.netlab.360.com\/70-different-types-of-home-routers-all-together-100000-are-being-hijacked-by-ghostdns-en\/\" target=\"_blank\" rel=\"noopener noreferrer\">Netlab<\/a>, a network threat hunting unit of Chinese cyber-security giant Qihoo 360.<\/p>\n<p>At the time, the two companies described how a group of cyber-criminals had infected over 100,000 home routers in Brazil and were modifying their DNS settings.<\/p>\n<p>The modifications made to these routers redirected infected users to malicious clone websites whenever they tried to access e-banking sites for certain Brazilian banks.<\/p>\n<p>Similar attacks were seen a few months later, in April 2019 by threat intel firm Bad Packets, who <a href=\"https:\/\/badpackets.net\/ongoing-dns-hijacking-campaign-targeting-consumer-routers\/\" target=\"_blank\" rel=\"noopener noreferrer\">detailed another wave of attacks<\/a>, but this time aimed primarily against D-Link routers, also hosted on Brazilian ISPs.<\/p>\n<section class=\"sharethrough-top\" data-component=\"medusaContentRecommendation\" data-medusa-content-recommendation-options=\"{&quot;promo&quot;:&quot;promo_ZD_recommendation_sharethrough_top_in_article_desktop&quot;,&quot;spot&quot;:&quot;dfp-in-article&quot;}\">\n<\/section>\n<p>This time around, besides hijacking users visiting Brazilian banks, the hackers were also redirecting users to phishing pages for Netflix, Google, and PayPal, to collect their credentials, <a href=\"https:\/\/www.ixiacom.com\/company\/blog\/paypal-netflix-gmail-and-uber-users-among-targets-new-wave-dns-hijacking-attacks\" target=\"_blank\" rel=\"noopener noreferrer\">according to researchers at Ixia<\/a>.<\/p>\n<p>But according to a report published by Avast this week, <a href=\"https:\/\/decoded.avast.io\/threatintel\/router-exploit-kits-an-overview-of-routercsrf-attacks-and-dns-hijacking-in-brazil\/\" target=\"_blank\" rel=\"noopener noreferrer\">these attacks haven&#8217;t stopped<\/a>. In fact, according to the company, in the first half of 2019, hackers have infected and modified the DNS settings of over 180,000 Brazilian routers.<\/p>\n<p><span class=\"img aspect-set\"><img decoding=\"async\" src=\"https:\/\/www.zdnet.com\/article\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack\/\" class=\"lazy\" alt=\"Brazil router attacks\" data-original=\" https:\/\/zdnet3.cbsistatic.com\/hub\/i\/2019\/07\/12\/cd343cb7-de95-4cf4-881b-947d67cabb42\/0c934a193da989a14e83f2ba6db42ae3\/brazil-router-attacks.png\"><\/span><noscript><\/p>\n<p><span class=\"img aspect-set\"><img decoding=\"async\" src=\"https:\/\/zdnet3.cbsistatic.com\/hub\/i\/2019\/07\/12\/cd343cb7-de95-4cf4-881b-947d67cabb42\/0c934a193da989a14e83f2ba6db42ae3\/brazil-router-attacks.png\" class alt=\"Brazil router attacks\"><\/span><\/p>\n<p><\/noscript><\/p>\n<p><span class=\"caption\">Attacks blocked by Avast on Brazilian routers<\/span><\/p>\n<p><span class=\"credit\">Image: Avast<\/span><\/p>\n<p>Furthermore, the complexity of the attacks has increased, and the number of actors involved in the attacks appears to have gone up as well.<\/p>\n<h3>How a router hack takes place<\/h3>\n<p>According to Avast researchers David Jursa and Alexej Sav\u010din, most Brazilian users are having their home routers hacked while visiting sports and movie streaming sites, or adult portals.<\/p>\n<p>On these sites, malicious ads (malvertising) run special code inside users&#8217; browsers to search and detect the IP address of a home router, the router&#8217;s model. When they detect the router&#8217;s IP and model, the malicious ads then use a list of default usernames and passwords to log into users&#8217; devices, without their knowledge.<\/p>\n<p>The attacks take a while, but most users won&#8217;t notice anything because they&#8217;re usually busy watching the video streams on the websites they&#8217;ve just accessed.<\/p>\n<p>If the attacks are successful, additional malicious code relayed through the malicious ads will modify the default DNS settings on the victims&#8217; routers, replacing the DNS server IP addresses routers receive from the upstream ISPs with the IP addresses of DNS servers managed by the hackers.<\/p>\n<p>The next time the users&#8217; smartphone or computer connects to the router, it will receive the malicious DNS server IP addresses, and this way, funnel all DNS requests through the attacker&#8217;s servers, allowing them to hijack and redirect traffic to malicious clones.<\/p>\n<h3>GhostDNS, Navidade, and SonarDNS<\/h3>\n<p>Per Avast&#8217;s investigation hackers have been using two special kits for these attacks. The first one is called GhostDNS, and is the one that&#8217;s been first spotted since last summer, and the botnet described by Radware and Netlab last year.<\/p>\n<p>A variant of GhostDNS, called Navidade, also appeared in February.<\/p>\n<p>Per Avast, &#8220;Novidade attempted to infect Avast users&#8217; routers over 2.6 million times in February alone and was spread via three campaigns.&#8221;<\/p>\n<p>Furthermore, since mid-April, another player entered the market. Avast calls this new botnet SonarDNS because the attacker appears to have re-purposed a penetration testing framework <a href=\"https:\/\/github.com\/mandatoryprogrammer\/sonar.js\" target=\"_blank\" rel=\"noopener noreferrer\">named Sonar.js<\/a> as the backbone for their infrastructure.<\/p>\n<p>And Sonar.js is perfect for the router attacks. This JavaScript library is normally used by penetration testers for identifying and launching exploits against internal network hosts, and is ideal for determining a router type and running exploits on the targeted device with just a few lines of code.<\/p>\n<p>Avast says it seen SonarDNS in three different campaigns over the last three months, and its modus operandi appears to be mimicking how GhostDNS operates.<\/p>\n<h3>Ad replacing and cryptojacking<\/h3>\n<p>But the DNS hijacking attacks aimed at routers in Brazil have not stood still and have also evolved. Besides hijacking traffic and redirecting users to phishing pages, the hacker groups behind these attacks have also added additional tricks to their arsenal.<\/p>\n<p>The first is to intercept user traffic and replace legitimate ads with adverts operated or that generate profit for the attackers.<\/p>\n<p>This tactic isn&#8217;t new, per-se. In 2016, Proofpoint researchers spotted an exploit kit which they <a href=\"https:\/\/www.proofpoint.com\/us\/threat-insight\/post\/home-routers-under-attack-malvertising-windows-android-devices\" target=\"_blank\" rel=\"noopener noreferrer\">named DNSChanger EK<\/a> that did the same thing &#8212; replacing legitimate ads with malicious ones &#8212; and is most likely the inspiration for what the botnet operators targeting Brazil are doing now.<\/p>\n<p>Second, the operators of GhostDNS, Navidade, and SonarDNS, have also been deploying browser-based cryptojacking scripts. This last tactic has also been seen in Brazil before, last year, when another group <a href=\"https:\/\/www.zdnet.com\/article\/mikrotik-routers-enslaved-in-massive-coinhive-cryptojacking-campaign\/\" target=\"_blank\" rel=\"noopener noreferrer\">hijacked over 200,000 Mikrotik routers<\/a> and added in-browser cryptocurrency miners to users&#8217; web traffic.<\/p>\n<h3>Danger of spreading to other countries<\/h3>\n<p>But despite all of this, the DNS-changing attacks are the ones that are the most dangerous of all for end users. This is because the botnet operators are phishing users&#8217; credentials, and hijacking online profiles or stealing money from users&#8217; bank accounts.<\/p>\n<p>With the attacks being so sneaky, hard to detect, and so profitable, it&#8217;s still a mystery why they haven&#8217;t spread to other countries.<\/p>\n<p>Hacking routers is both cheap and easy. However, most IoT botnets today enslave these devices to perform DDoS attacks or act as proxies for bad traffic, brute-force, or credential stuffing attacks. Using routers for phishing would be way more profitable.<\/p>\n<p>Users who want to stay safe against any IoT botnet that targets routers to modify DNS settings have a few options at their disposal:<\/p>\n<ul>\n<li>Use complex router administration passwords<\/li>\n<li>Keep routers up to date<\/li>\n<li>Use custom DNS settings on their devices, which prevent the device OS from requesting possibly tainted DNS settings from the local router<\/li>\n<\/ul>\n<h3>Related malware and cybercrime coverage:<\/h3>\n<p>READ MORE <a href=\"https:\/\/www.zdnet.com\/article\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack\/#ftag=RSSbaffb68\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Avast: More than 180,000 routers in Brazil had their DNS settings changed in Q1 2019.<br \/>\nREAD MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":27812,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[62],"tags":[],"class_list":["post-27811","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-zdnet-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v28.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Brazil is at the forefront of a new type of router attack 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Brazil is at the forefront of a new type of router attack 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2019-07-12T19:14:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/07\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1000\" \/>\n\t<meta property=\"og:image:height\" content=\"430\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Brazil is at the forefront of a new type of router attack\",\"datePublished\":\"2019-07-12T19:14:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack\\\/\"},\"wordCount\":1057,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/07\\\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack.png\",\"articleSection\":[\"ZDNet | Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack\\\/\",\"name\":\"Brazil is at the forefront of a new type of router attack 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/07\\\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack.png\",\"datePublished\":\"2019-07-12T19:14:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/07\\\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack.png\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/07\\\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack.png\",\"width\":1000,\"height\":430},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Brazil is at the forefront of a new type of router attack\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Brazil is at the forefront of a new type of router attack 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack\/","og_locale":"en_US","og_type":"article","og_title":"Brazil is at the forefront of a new type of router attack 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2019-07-12T19:14:00+00:00","og_image":[{"width":1000,"height":430,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/07\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack.png","type":"image\/png"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Brazil is at the forefront of a new type of router attack","datePublished":"2019-07-12T19:14:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack\/"},"wordCount":1057,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/07\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack.png","articleSection":["ZDNet | Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack\/","url":"https:\/\/www.threatshub.org\/blog\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack\/","name":"Brazil is at the forefront of a new type of router attack 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/07\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack.png","datePublished":"2019-07-12T19:14:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/07\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack.png","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/07\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack.png","width":1000,"height":430},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/brazil-is-at-the-forefront-of-a-new-type-of-router-attack\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Brazil is at the forefront of a new type of router attack"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/27811","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=27811"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/27811\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/27812"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=27811"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=27811"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=27811"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}