{"id":34043,"date":"2020-03-26T14:39:20","date_gmt":"2020-03-26T14:39:20","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/31064\/New-Attack-On-Home-Routers-Sends-Users-To-Spoofed-Sites-That-Push-Malware.html"},"modified":"2020-03-26T14:39:20","modified_gmt":"2020-03-26T14:39:20","slug":"new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware\/","title":{"rendered":"New Attack On Home Routers Sends Users To Spoofed Sites That Push Malware"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/03\/linksys-800x451.jpg\" alt=\"Photograph of a Linksys router.\"><\/p>\n<aside id=\"social-left\" class=\"social-left\" aria-label=\"Read the comments or share this article\">\n<h4 class=\"comment-count-before\"><a title=\"34 posters participating\" class=\"comment-count icon-comment-bubble-down\" href=\"https:\/\/arstechnica.com\/information-technology\/2020\/03\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware\/?comments=1\">reader comments<\/a><\/h4>\n<p><a title=\"34 posters participating\" class=\"comment-count icon-comment-bubble-down\" href=\"https:\/\/arstechnica.com\/information-technology\/2020\/03\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware\/?comments=1\"><span class=\"comment-count-number\">46<\/span> <span class=\"visually-hidden\">with 34 posters participating<\/span><\/a><\/p>\n<div class=\"share-links\">\n<h4>Share this story<\/h4>\n<\/div>\n<\/aside>\n<p>A recently discovered hack of home and small-office routers is redirecting users to malicious sites that pose as COVID-19 informational resources in an attempt to install malware that steals passwords and cryptocurrency credentials, researchers said on Wednesday.<\/p>\n<p>A <a href=\"https:\/\/labs.bitdefender.com\/2020\/03\/new-router-dns-hijacking-attacks-abuse-bitbucket-to-host-infostealer\/\">post published by security firm Bitdefender<\/a> said the compromises are hitting Linksys routers, although BleepingComputer, which <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/hackers-hijack-routers-dns-to-spread-malicious-covid-19-apps\/\">reported the attack two days ago<\/a>, said the campaign also targets D-Link devices.<\/p>\n<p>It remains unclear how attackers are compromising the routers. The researchers, citing data collected from Bitdefender security products, suspect that the hackers are guessing passwords used to secure routers\u2019 remote management console when that feature is turned on. Bitdefender also hypothesized that compromises may be carried out by guessing credentials for users\u2019 Linksys cloud accounts.<\/p>\n<h2>Not the AWS site you\u2019re looking for<\/h2>\n<p>The router compromises allow attackers to designate the DNS servers connected devices use. DNS servers use the Internet domain name system to translate domain names into IP addresses so that computers can find the location of sites or servers users are trying to access. By sending devices to DNS servers that provide fraudulent lookups, attackers can redirect people to malicious sites that serve malware or attempt to phish passwords.<\/p>\n<p>The malicious DNS servers send targets to the domain they requested. Behind the scenes, however, the sites are spoofed, meaning they\u2019re served from malicious IP addresses, rather than the legitimate IP address used by the domain owner. Liviu Arsene, the Bitdefender researcher who wrote Wednesday&#8217;s post, told me that spoofed sites close port 443, the Internet gate that transmits traffic protected by HTTPS authentication protections. The closure causes sites to connect over HTTP and in so doing, prevents the display of warnings from browsers or email clients that a TLS certificate is invalid or untrusted.<\/p>\n<p>Domains swept into the campaign include:<\/p>\n<ul>\n<li>aws.amazon.com<\/li>\n<li>goo.gl<\/li>\n<li>bit.ly<\/li>\n<li>washington.edu<\/li>\n<li>imageshack.us<\/li>\n<li>ufl.edu<\/li>\n<li>disney.com<\/li>\n<li>cox.net<\/li>\n<li>xhamster.com<\/li>\n<li>pubads.g.doubleclick.net<\/li>\n<li>tidd.ly<\/li>\n<li>redditblog.com<\/li>\n<li>fiddler2.com<\/li>\n<li>winimage.com<\/li>\n<\/ul>\n<p>The IP addresses serving the malicious DNS lookups are 109.234.35.230 and 94.103.82.249.<\/p>\n<p>The malicious-sites users land on claim to offer an app that provides \u201cthe latest information and instructions about coronavirus (COVID-19).\u201d<\/p>\n<p><a href=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/03\/malicious-app-download.png\" class=\"enlarge\" data-height=\"658\" data-width=\"967\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/03\/malicious-app-download-640x435.png\" width=\"640\" height=\"435\" srcset=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/03\/malicious-app-download.png 2x\"><\/a> <\/p>\n<div class=\"caption-credit\">Bifdefender<\/div>\n<p>Users who click on the download button are ultimately redirected to one of several Bitbucket pages that offers a file that installs malware. Known as Oski, the relatively new piece of malware extracts browser credentials, cryptocurrency wallet addresses, and possibly other types of sensitive information.<\/p>\n<h2>US, Germany, and France most targeted<\/h2>\n<p>There were 1,193 downloads from one of the four Bitbucket accounts used. With attackers using at least three other Bitbucket accounts, the download number is likely much higher. (The actual number of people infected is probably smaller than the download total, since some people may not have clicked on the installer or accessed the page for research purposes).<\/p>\n<p>Bitdefender data shows the attack started on or around March 18 and hit a peak on March 23. Bitdefender data also shows that the routers targeted the most were located in Germany, France, and the United States. At this moment, these countries are among those most suffering the devastating effects of COVID-19, which at the time this post went live had caused more than <a href=\"https:\/\/hgis.uw.edu\/virus\/\">436,856 infections and 19,549 deaths<\/a> worldwide.<\/p>\n<p>To prevent attacks on routers, the devices should have remote administration turned off whenever possible. In the event this feature is absolutely necessary, it should be used only by experienced users and protected by a strong password. Cloud accounts\u2014which also make it possible to remotely administer routers\u2014should follow the same guidelines. Moreover, people should frequently ensure that router firmware is up-to-date.<\/p>\n<p>People who want to check if they have been targeted can check the Bitdefender post for indicators of compromise. Take note: the indicators may be hard for less experienced users to follow.<\/p>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/31064\/New-Attack-On-Home-Routers-Sends-Users-To-Spoofed-Sites-That-Push-Malware.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":34044,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[8532],"class_list":["post-34043","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackermalwaredns"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>New Attack On Home Routers Sends Users To Spoofed Sites That Push Malware 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"New Attack On Home Routers Sends Users To Spoofed Sites That Push Malware 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-03-26T14:39:20+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/03\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"451\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"New Attack On Home Routers Sends Users To Spoofed Sites That Push Malware\",\"datePublished\":\"2020-03-26T14:39:20+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware\\\/\"},\"wordCount\":656,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/03\\\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware.jpg\",\"keywords\":[\"headline,hacker,malware,dns\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware\\\/\",\"name\":\"New Attack On Home Routers Sends Users To Spoofed Sites That Push Malware 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/03\\\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware.jpg\",\"datePublished\":\"2020-03-26T14:39:20+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/03\\\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/03\\\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware.jpg\",\"width\":800,\"height\":451},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,malware,dns\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackermalwaredns\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"New Attack On Home Routers Sends Users To Spoofed Sites That Push Malware\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"New Attack On Home Routers Sends Users To Spoofed Sites That Push Malware 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware\/","og_locale":"en_US","og_type":"article","og_title":"New Attack On Home Routers Sends Users To Spoofed Sites That Push Malware 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-03-26T14:39:20+00:00","og_image":[{"width":800,"height":451,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/03\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"New Attack On Home Routers Sends Users To Spoofed Sites That Push Malware","datePublished":"2020-03-26T14:39:20+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware\/"},"wordCount":656,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/03\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware.jpg","keywords":["headline,hacker,malware,dns"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware\/","url":"https:\/\/www.threatshub.org\/blog\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware\/","name":"New Attack On Home Routers Sends Users To Spoofed Sites That Push Malware 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/03\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware.jpg","datePublished":"2020-03-26T14:39:20+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/03\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/03\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware.jpg","width":800,"height":451},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/new-attack-on-home-routers-sends-users-to-spoofed-sites-that-push-malware\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,malware,dns","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackermalwaredns\/"},{"@type":"ListItem","position":3,"name":"New Attack On Home Routers Sends Users To Spoofed Sites That Push Malware"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/34043","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=34043"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/34043\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/34044"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=34043"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=34043"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=34043"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}