- Web browser opens automatically and prompts to install a COVID-19 app
After some research, it has been determined that these messages are a result of a cyber attack that changed or compromised the DNS of your router. This attack hijacks your router's DNS settings using a malware that will attempt to steal the following information:
- Browser cookies
- Browser history
- Browser payment information
- Saved login credentials
- Cryptocurrency wallets
- Text files
- Browser form autofill information
- Authy Two-Factor Authentication (2FA) databases
- A screenshot of your desktop at the time of infection
Solution: If you experienced the attack, it is highly recommended that you follow these steps:
Log in to your router and access the DNS settings.
If you see that the DNS servers were manually configured to 126.96.36.199 and 188.8.131.52, remove them immediately and replace it with 0.
NOTE: Click here to learn more about changing the DNS settings via the Linksys app.
Save your settings.
It is necessary to do the following:
- Change your router's admin password. This will prevent the attackers from accessing your router again. For instructions, click here.
- Restart your router and all devices connected to it. This will trigger the devices to re-connect and set a new DNS.
- It is also important that you reset the password of your Linksys server account as it is possible that your DNS settings were changed using your compromised password. For instructions, click here.
IMPORTANT: If you downloaded the app, it is highly recommended that you uninstall it and run a malware scan on your computer. Once your computer is free of malware, consider changing all the passwords you have saved on your browser while your computer was infected.
Was this support article useful?
Thank you for your feedback.
Please tell us how we can make this article useful.
Additional Support Questions?
LINKSYS LIVE CHAT
Help With Linksys.com
I have a question about a Linksys product or a Linksys Store promotion.
Get help with an issue or learn how to maximise the potential of my Linksys product.