Over 100,000 routers have had their DNS settings modified to redirect users to phishing pages. The redirection occurs only when users are trying to access e-banking pages for Brazilian banks.
Around 88% of these routers are located in Brazil, and the campaign has been raging since at least mid-August when security firm Radware first spotted something strange.
But according to a new report published last week by Chinese cyber-security firm Qihoo 360, the group behind these attacks have stepped up their game.
By analyzing massive amounts of collected data, Qihoo 360’s Netlab division gained a deep look into the group’s modus operandi.
Read more here