Botnet Worm Targets DSL Modems and Routers
CoreDuo writes "The people who bring you the DroneBL DNS Blacklist services, while investigating an ongoing DDoS incident, have discovered a botnet composed of exploited DSL modems and routers. OpenWRT/DD-WRT devices all appear to be vulnerable. What makes this worm impressive is the sophisticated nature of the bot, and the potential damage it can do not only to an unknowing end user, but to small businesses using non-commercial Internet connections, and to the unknowing public taking advantage of free Wi-Fi services. The botnet is believed to have infected 100,000 hosts." A followup to the article notes that the bot's IRC control channel now claims that it has been shut down, though the ongoing DDoS attack on DroneBL suggests otherwise.
Not a big deal, you can just:
ssh to your router
ifconfig eth0 down
All fixed, not vulnerable anymore.
> ...the default configuration doesn't allow remote access from the Internet at all.
True. The crackers have to use the bot that controls his pc and the default password that he didn't change.
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
The difference is... when you get desperate enough to eat disgustingly bad pizza, your friends won't bring it up for the next ten years at every possible occasion.
If I have seen further it is by stealing the Intellectual Property of giants.