Linksys Routers Exploited By "TheMoon"

← Back to Stories (view on slashdot.org)

Linksys Routers Exploited By "TheMoon"

Posted by timothy on Thursday February 13, 2014 @08:41AM from the do-you-want-to-connect-automatically? dept.

UnderAttack writes "A vulnerability in many Linksys routers, allowing for unauthenticated code execution, is being used to mass-exploit various Linksys routers right now. Infected routers will start scanning for vulnerable systems themselves, leading to a very fast spread of this 'worm.'"

7 of 134 comments (clear)

Min score:

Reason:

Sort:

That's impossible by CajunArson · 2014-02-13 08:45 · Score: 5, Funny

Linksys routers run Linux and Linux is Open Source. Therefore there are no bugs because theoretically someone can look at the code and fix the code.
This also means that it's impossible for bad people to look at the code and exploit the code because Open Source makes everyone honest by magic.
Oh, and by virtue of being able to look at the code, Linksys routers magically patch themselves before the bugs even come into existence!
In conclusion, Windows is the cause of all security problems.

--
AntiFA: An abbreviation for Anti First Amendment.
1. Re: That's impossible by Anonymous Coward · 2014-02-13 08:52 · Score: 5, Informative
  
  Slow your roll there, not all linksys run linux. Most run vxworks rtos. Only the linksys routers flashed with ddwrt firmware run linux for sure.
2. Re:That's impossible by Narcocide · 2014-02-13 08:54 · Score: 5, Informative
  
  Only affecting models not running Linux currently...
Model Numbers of affected devices. by Anonymous Coward · 2014-02-13 08:51 · Score: 5, Informative

Here is a list of router models mentioned in the binary:
E4200
E3200
E3000
E2500
E2100L
E2000
E1550
E1500
E1200
E1000
E900
It wasn't Trolling by Anonymous Coward · 2014-02-13 09:11 · Score: 5, Insightful

Trolling: "Gee, LinkSys uses Linux and it's an open source product. So much for the myth (or bullshit) that open source is more secure!" Or "See, open source is shit! Closed source would never have had this happen to it because this exploit could only have been found by seeingt he source!"
The GP, OTOH, mixed satire and sarcasm - a la "The Daily Show" and "Colbert Report" to poke fun at the false sense of security one may have with using open source and that regardless of the product we use, we all need to be vigilant with our security. Who knows what the intention of this worm is.
Also, I took the GP's comment as a little teasing at the expense of some of the rapid members of the open source community and the folks seem to jump on all the Windows failings and yet, brush aside similar failings in open source software.
I thought it was quite clever on a multitude of levels while expressing in very simple sentences.
TheMoon by confused+one · 2014-02-13 09:28 · Score: 5, Funny

Jade Rabbit suffered a failure and needed additional processing resources. It has reached out and now All Your Base Are Belong to Jade.
Why is the admin port open to the public? by EMG+at+MU · 2014-02-13 09:34 · Score: 5, Insightful

The web administration port should not be open to the public internet by default on these routers.