Back to article
Psyb0t: Drafting Linux Routers Into the World Wide Botnet
Always Change the Default Login
March 31, 2009
From the 'that's not good' files:
As many as 100,000 routers are allegedly infected with a new worm that turns home routers into drones for a botnet. DroneBL which is a botnet attack monitoring service claims the new Psyb0t worms targets OpenWRT and DD-WRT based firmware (which run on MIPS processors). OpenWRT is open source software that is often deployed on Linksys routers running embedded Linux firmware.
�"This is the first known botnet based on exploiting consumer network devices, such as home routers and cable/dsl modems," DroneBL claims in a blog post. (The DroneBL blog has a lot of helpful information- ed.) "Many devices appear to be vulnerable."Defending against psyb0t doesn't appear to be all that complex, so users just need to take a few simple steps to protect themselves.
"To disinfect, simply powercycle your device and take appropriate action to lock it down, including the latest firmware updates, and using a secure password," DroneBL suggests.In my very simplistic point of view, what this highlights is a larger and continuing problem -- namely weak passwords and out of date firmware. When was the last time you updated your router's firmware or password? I suggest you check.