Hackers can infiltrate people’s home networks through their routers using an attack called DNS Hijacking. This type of attack changes the router’s DNS settings to display malicious webpages chosen by the attacker. While this type of attack is not new, it has been more widely used over the past few months during the COVID-19 pandemic.
DNS Hijacking attacks are designed to trick the victim into thinking that he/she is receiving an emergency update or to display fake webpages similar to those frequently visited by the victim (e.g., online banking). Once the user is directed to these mock pages, he/she is instructed to enter login information or personally identifiable information (PII) which is then sent back to the attacker or to download a malicious payload.
With many more millions of people currently working from home on their own network hardware, DNS Hijacking poses an immediate threat both to individuals and their employers. In a typical corporate setting, an attacker must bypass various safeguards in order to penetrate the network. Home routers, on the other hand, are typically set up right out of the box with default settings and not properly configured or updated over time.