From the ‘that’s not good‘ files:
As many as 100,000 routers are allegedly infected with a new worm that turns home routers into drones for a botnet. DroneBL which is a botnet attack monitoring service claims the new Psyb0t worms targets OpenWRT and DD-WRT based firmware (which run on MIPS processors). OpenWRT is open source software that is often deployed on Linksys routers running embedded Linux firmware.
“This is the first known botnet based on exploiting consumer network devices, such as home routers and cable/dsl modems,” DroneBL claims in a blog post. “Many devices appear to be vulnerable.”
Defending against psyb0t doesn’t appear to be all that complex, so users just need to take a few simple steps to protect themselves.
“To disinfect, simply powercycle your device and take appropriate action
to lock it down, including the latest firmware updates, and using a
secure password,” DroneBL suggests.
In my very simplistic point of view, what this highlights is a larger and continuing problem — namely weak passwords and out of date firmware. When was the last time you updated your router’s firmware or password? I suggest you check.
