New worm directly infects Linux-based home routers

Posted by danwarne on Mar 25, 2009 3:24 PM EDT
APCmag.com; By Samantha Rose-Hunt
Mail this story
Print this story

A new botnet, “psyb0t” is the first known to be capable of directly infecting home routers and cable/DSL modems.

This is an alarming development because it's both difficult to detect (software running on your PC can't detect it) and significantly more useful to the botnet operator than infected PCs because home routers generally run 24 hours a day, unmonitored.

The botnet malware contains the shellcode for over 30 different Linksys models, 10 Netgear models, and a variety of other cable and DSL modems (15 different shellcodes). Any router that uses a MIPS processor and runs the Linux Mipsel operating system (a port of Debian for MIPS Processors) is vulnerable if they have the router administration interface, or sshd/telnetd in a DMZ, with weak username/passwords. DroneBL noted this includes devices flashed with the open-source firmwares openwrt and dd-wrt.

Full Story

  Nav
» Read more about: Story Type: News Story; Groups: Linux

« Return to the newswire homepage

Subject Topic Starter Replies Views Last Post
more PEBCAC tuxchick 32 1,830 Mar 30, 2009 1:37 PM

You cannot post until you login.