Linux Today: Linux News On Internet Time.

New worm infect Linux-based home modem/routers

Mar 25, 2009, 16:32 (5 Talkback[s])
(Other stories by Samantha Rose Hunt)

[ Thanks to Dan Warne for this link. ]

"The first generation targeted very few models of router, though the current, most recently discovered generation (dubbed 'version 18' in the code) targets a wide range of devices.

"The malware contains the shellcode for over 30 different Linksys models, 10 Netgear models, and a variety of other cable and DSL modems (15 different shellcodes).

"A list of 6000 usernames and 13,000 passwords were also included, to be used for brute force entry to Telnet and SSH logins which are open to the LAN and sometimes even the public WAN side of the routers. Generally, routers do not lock a user out after a number of incorrect password attempts, making brute force attacks possible.

Complete Story

Related Stories: