First botnet to target routers in the wild
Thursday, March 26, 2009
Researchers have found a botnet worm that targets routers and DSL modems in the wild, which is reportedly the first of its kind.
The live botnet, which is being called Psyb0t, is impacting any MIPS-based Linux router that either has a weak username-password combination or an interface accessible from outside the LAN.
An estimated 100,000 devices have already been infected by Psyb0t, according to the security officials who first found the botnet.
The researchers said detecting the botnet has proven difficult and would have to monitor monitor traffic going in and out of the router, Zdnet.com reports. The botnet has the ability to scan for vulnerable PHPMyAdmin and MySQL installations as well as disable access to the control interfaces of a router.
Terry Baume, an independent researcher from Australia, was reportedly the first person to find the botnet after he discovered the worm impacting an ISP's router.
"It's the first time I've ever heard of anything infecting embedded devices," Baume told SCMagazineUS.com.
This news may be troubling for SMBs or for businesses that are now home-based because of the weakening economy who depending routers. As an added layer to computer network security, businesses may want to use email archiving to protect sensitive data.
Related News:
Conficker still a threat to web security - 3.18.2010
The Conficker worm was by far the most notorious piece of malware in 2009 for several reasons. Not only did it receive media attention and infect more computers than any other strain, according to Katonda, a business technology website, it reminded web security professionals of bygone days when major epidemics were the norm.
Network security update not responsible for crashes - 2.24.2010
Reports of the so-called "blue screen of death" following the installation of the latest Microsoft security update are the result of malware, not a defect in the update.
Botnets and Chuck Norris take aim at network security - 2.22.2010
Last week, word spread of the Kneber botnet compromising more than 2,000 computers worldwide. With the start of a new week comes more malware attacks plaguing the web community. The so-called "Chuck Norris" botnet is attacking routers and DSL modems by guessing commonly used passwords.
Web security company warns of scareware's risk - 2.19.2010
The rise in scareware attacks and cyber criminal behavior in general forced DynaSis, an IT services company, to issue a warning to its users about the threat of fake anti-virus software infecting their computers on Friday.
Age-old trick with brand-new target - 1.18.2010
Cyber criminals have turned to a scam from the early days of the internet to target the growing smartphone market: Trojan phone dialers.
|
