Router biz Linksys has reset all its customers' Smart Wi-Fi account passwords after cybercrims accessed a bunch and redirected hapless users to COVID-19 themed malware.
The mass reset took place after all user accounts were locked on 2 April, following infosec firm Bitdefender revealing that malicious persons were pwning Linksys devices through cred-stuffing attacks. Hackers with access to Linksys Smart Wi-Fi accounts were changing home routers' DNS server settings. Compromised users' attempts to reach domains ranging from Disney, pornography, and Amazon AWS were redirected to a webpage peddling a coronavirus-themed app "that displays a message purportedly from the World Health Organization, telling users to download and install an application that offers instructions and information about COVID-19."
The app was hosted on Bitbucket, a Git-style collaboration tool. Instead of health advice it dispensed the Oski info-stealing malware, whcih helps itself to one's login credentials for various services, including cryptocurrency wallets.