GhostDNS: New DNS Changer Botnet Hijacked Over 100,000 Routers

Eduardo Rocha Senior Sales Engineer and Security Analyst

1st October, 2018 1 Min read

Chinese cybersecurity researchers have uncovered a widespread, ongoing malware campaign that has already hijacked over 100,000 home routers and modified their DNS settings to hack users with malicious web pages—especially if they visit banking sites—and steal their login credentials.

Dubbed GhostDNS, the campaign has many similarities with the infamous DNSChanger malware that works by changing DNS server settings on an infected device, allowing attackers to route the users’ internet traffic through malicious servers and steal sensitive data.

How One AI-Driven Media Platform Cut EBS Costs for AWS ASGs by 48%

According to a new report from cybersecurity firm Qihoo 360’s NetLab, just like the regular DNSChanger campaign, GhostDNS scans for the IP addresses for routers that use weak or no password at all, accesses the routers’ settings, and then changes the router’s default DNS address to the one controlled by the attackers.

In order to avoid yourself from being a victim to such attacks, you are recommended to ensure that your router is running the latest version of the firmware and set a strong password for the router web portal.

A close-up of a hand resting on a computer keyboard with illuminated keys and a dark background.

Latest Articles

Cloud Cost Optimization Cloud Security

What are the biggest business worries in 2025?

No matter their industry or profession, practically every business in the UK and around the world has concerns for the year ahead. Whether it’s employee retention, rising costs, or simply finding new customers, each and every business owner has to make crucial decisions around these fears in order to successfully lead their company forward. However, […]

20th February, 2025

Cloud Security

From 2024 to 2025: The Evolving DDoS Threat Landscape

The numbers from the DDoS landscape tell a troubling story. In Q3 2024, DDoS attacks reached unprecedented levels, reaching a record-breaking Tbps and billion packet-per-second attack. These hyper-volumetric campaigns tested the resilience of global networks against attackers who are becoming faster, smarter, and more resourceful. They also became a wake-up call for IT leaders who […]

13th February, 2025

Cloud Security

Universal ZTNA: How Does it Compare to Traditional ZTNA?

How will you protect your network as cloud-first strategies and hybrid workforces redefine the modern business landscape? While Traditional Zero-Trust Network Access (ZTNA) solutions laid the foundation for secure access, Universal ZTNA is rewriting the rules. Imagine a solution that unifies your security policies across all environments, simplifies management, and scales easily. That’s Universal ZTNA. […]

12th February, 2025

4 Common Kafka Installation Errors – And Proven Steps to Avoid Them

Apache Kafka is the platform of choice for real-time data processing, but getting it up and running can feel like an uphill battle. With high throughput and fault tolerance, companies like Spotify rely on this distributed streamlining platform to deliver seamless services for over 600 million global users – supporting everything from log aggregation and […]

9th February, 2025

Back to Resources

Unlock Your Cloud Potential