Slashdot Mirror


Botnet Worm Targets DSL Modems and Routers

CoreDuo writes "The people who bring you the DroneBL DNS Blacklist services, while investigating an ongoing DDoS incident, have discovered a botnet composed of exploited DSL modems and routers. OpenWRT/DD-WRT devices all appear to be vulnerable. What makes this worm impressive is the sophisticated nature of the bot, and the potential damage it can do not only to an unknowing end user, but to small businesses using non-commercial Internet connections, and to the unknowing public taking advantage of free Wi-Fi services. The botnet is believed to have infected 100,000 hosts." A followup to the article notes that the bot's IRC control channel now claims that it has been shut down, though the ongoing DDoS attack on DroneBL suggests otherwise.

3 of 272 comments (clear)

  1. Th by Anonymous Coward · · Score: -1, Troll

    anks. Boy that reply really helped me out! You're right. This way is much better because now you have to view the post to figure out that what I'm writing is unimportant. By the way, what is that "tell parent poster to bite me" check box all about? I'm just askin.

  2. Re:Tomato by Anonymous Coward · · Score: -1, Troll

    Linux sucks anyways. The new generation of exploits is all aimed to Linuxeses Flavoreseses flaws.
    So, I keep a router with proprietary software as my border gateway to the Internet, and then all the Linux crap goes inside of the network. If Linux was not free I don't think people will use it for anything.

  3. Re:private/public keys by Darkk · · Score: 0, Troll

    I take it you never worked with an enterprise class router like the SonicWall NSA 3500 which supports the CA type keys for web access protection?

    Problem is some network admins don't take the time to set up the firewalls correctly to prevent this sorta thing from happening. I always create rules in the remote firewall to only accept 443 port connections from our static IP address and use strong passwords. The firewalls out in the field been running without problems.

    And I do check the logs frequency for any kind of intrusion problems.

    I also run PfSense firewall at home and it's working great for me. It even supports the SSH connection via keys.