---

Home Infrastructure

Worm targets Linux routers

By

“Because the worm relies on insecure passwords — or devices
which have not been reconfigured from their default settings — the
group claims that “ninety per cent of the routers and modems
participating in this botnet are [doing so] due to user error.”
While it’s always good advice to choose a very secure password for
Internet-facing devices, it’s unlikely that anyone reading a
security blog needs telling.

“The payload of the worm is interesting: as well as allowing
full remote control of the router via an IRC channel, the malware
uses packet inspection techniques in an attempt to sniff traffic
for usernames and passwords to web sites and e-mail accounts. The
worm also attempts to resist disinfection by locking out telnet,
SSH, and web access to the device’s management functionality —
preventing the device from being flashed with a known-clean
firmware.”


Complete Story

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis

Must Read

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Our Brands

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.