The Roaming Mantis Malware Is Now Spreading Across The World

A dreadful malicious software dubbed roaming Mantis is wrecking havoc across the globe by infecting smartphones via Wi-Fi routers. It was rapidly expanding its reach across the planter after first surfacing only a few months ago.

This malware uses the method of DNS hijacking to compromise Wi-Fi routers in order to infect Android mobile phones and tabs. Moreover, it redirects iOS devices to a spoof website. Most importantly, it runs a crypto mining script called CoinHive on personal computers and desktop computers.

Until quite recently, this malware has affected only certain countries in Asia such as China, Korea, Bangladesh, and India. Now, it has added 24 more languages such as Arabic, Russian, and a number of European languages in order to broaden its spread.

This dreaded malware has picked out the most efficient and straightforward mode of DNS hijacking. This hijacking method involves hacking the settings of compromised Wi-Fi routers and compelling the routers to use their personal malicious DNS servers. Therefore, the device user will get redirected to a phishing website if they are using a device which is connected to the compromised Wi-fi router.

Even though Roaming Mantis only infected the android phones and tablets when it as released, its developers have now trained the malware to attack iOS devices as well. Android device users get a prompt to update their browser before they download a malware containing application which is masqueraded as either Google Chrome or Facebook. It requests a number of permissions and then uses these permission requests to get into the two-step authentication and hack the Google accounts.

At the same time, iOS users get redirected to a fake website of Apple which is named as They receive a prompt to enter their login credentials along with their credit card number.

If you wish to protect your devices and routers from this malware infection, then you should go through your Wi-Fi router’s user manual in order to ascertain whether or not the DNS settings have been fiddled with. You can also get in touch with your Internet Service Provider. The ISP will change the default login details including the password for the administrator web interface of the Wi-Fi router.

In addition to the methods mentioned above, install a robust antivirus software on all of your devices. Do a complete scan of all your devices and remove all the infected files. Change the passwords and cancel your credit card if you feel that you have become a victim of this malware. Update your firmware and antivirus software. Norton provides complete protection, it even secures the web browsers, and has a firewall which monitors all the incoming and outgoing traffic. To know more, head to

Leave a Reply

Your email address will not be published. Required fields are marked *