Hackers have taken over routers and are pushing malware-laden Covid-19 apps.


Well, this is (not surprisingly) ludicrous. Hackers, perhaps targeting home and small office routers with weak passwords, have begun altering DNS settings and redirecting users to malicious websites posing as legitimate Covid-19 resources.

"Covid-19 is a recurring theme that cybercriminals have exploited to trap their victims. Malicious reports involving coronavirus-themed malware increased five-fold in March compared to February, with attackers using phishing scams to exploit misinformation about the coronavirus and fears about medical supply shortages," BitDefender said in a blog post.

According to BitDefender, attackers have focused primarily on Linksys-branded routers, but Bleeping Computer notes that D-Link models have also been the target of related hacking attacks. In both cases, the hackers appear to be using a "brute force attack" method of breaking into the routers, i.e., guessing passwords and passphrases, both for the router's local admin interface and for the vendor's cloud management account.

Once in, the hackers change the router's DNS server settings, which lets them redirect web requests to websites of their choosing. "Interestingly, by changing the DNS settings of the router, the user is led to believe that they have arrived at a legitimate web page, except that it is served from a different IP address. For example, if a user types 'example.com,' the web page would not be served from a legitimate IP address, but from an attacker-controlled IP resolved by a malicious DNS setting," BitDefender explains.

BitDefender adds, "If the attacker-controlled web page is a look-alike duplicate, the user will assume that they have actually arrived at a legitimate web page, judging from the domain name displayed in the browser's address bar."

The spoofed website urges users to download the informative Covid-19 app in order to "get the latest information and instructions about coronaviruses." The app claims to be from the World Health Organization (WHO), but it is definitely not.

Targeted domains include washington.edu, aws.amazon.com, cox.net, disney.com, and redditblog.com.

"To avoid hijacking through brute force or credential stuffing attacks, other than changing the router's control panel access credentials (which should not be the default), users are encouraged to change their Linksys cloud account credentials, or router's remote administration account," BitDefender states.

Additionally, it is recommended to ensure that the router's firmware is the latest version.
