An unknown attacker has hijacked over 100,000 home routers and changed their DNS settings in a major campaign to steal login credentials from customers of several banks in Brazil. The attackers are attempting to install a version of a DNS hijacking exploit called DNSChanger on the routers and change their default settings so traffic gets redirected to a rogue server. The rogue server currently hosts phishing pages for 52 domains belonging to banks, cloud service providers, Netflix, and one cybersecurity firm. The campaign has exploded in scope from mostly targeting users of DLink DSL modem routers to targeting more than 70 different types of home routers.”]