New worm infect Linux-based home modem/routers
Mar 25, 2009, 16:32 (5 Talkback[s])
(Other stories by Samantha Rose Hunt)
[ Thanks to Dan
Warne for this link. ]
"The first generation targeted very few models of router, though
the current, most recently discovered generation (dubbed 'version
18' in the code) targets a wide range of devices.
"The malware contains the shellcode for over 30 different
Linksys models, 10 Netgear models, and a variety of other cable and
DSL modems (15 different shellcodes).
"A list of 6000 usernames and 13,000 passwords were also
included, to be used for brute force entry to Telnet and SSH logins
which are open to the LAN and sometimes even the public WAN side of
the routers. Generally, routers do not lock a user out after a
number of incorrect password attempts, making brute force attacks