- How to make new stuff from your piles of obsolete tech
- Why your computer sucks
- 10 recession-proof IT skills
- Juniper execs share network vision
- 9-year-old plots his fifth Microsoft certification
A computer worm has been discovered that can infect 55 different home-based routers and DSL/cable modems including common brands like Linksys and Netgear.
Slideshow: 10 of the Worst Moments in Network Security History
Believed to have originated in Australia and known as "psyb0t" or Bluepill, this is the first worm known to be able to infect residential routers and modems.
Psyb0t is armed with 6000 common usernames and 13,000 popular passwords that it tries in various combinations to gain entry to your home network. Most home-based routers will give you unlimited attempts to get the username and password correct, making these devices an ideal target for infection. Also, unlike your PC, your router and modem are running 24 hours a day meaning psyb0t has a relatively unlimited amount of time to try and gain access.
If that wasn't frightening enough, psyb0t is reportedly very hard to detect and most home users will be unaware that they're infected. Like other worms, psyb0t is designed to infect systems and then carry out commands given by its author, creating what is known as a botnet. There may not be much cause for alarm, though, as APC Magazine is reporting that the botnet capabilities for this worm are no longer active. At its height, psyb0t was suspected of controlling 80,000 tio 100,000 systems.
The DroneBl blog -- a real-time tracker that looks for botnets -- says the threat psyb0t poses or could have posed is overstated. DroneBL believes this is not an "end of the world, all routers are vulnerable" thing. But the appearance of psyb0t is troubling because it is so hard to detect and could be used to steal "personally identifying information," the blog adds.
While the threat posed by psyb0t may not be high, it is still extremely important to take precautionary measures against this kind of attack. The best way to protect yourself is to make sure you are not using the default password and username that came with your equipment. Consult the materials that came with your device or the manufacturer's website for instructions on how to change your username and password. If you're worried you have been infected, a simple factory reset of your device will kill the worm.
Rss FeedRss Feed
The Leader in Network Knowledge
Comments (4)
Chicken LittleBy Anonymous on March 25, 2009, 4:23 pmBefore we get everyone in a panic that the sky is falling, how many of these vulnerable systems allow external management connections? By default netgear and linksys...
Reply | Read entire comment
Remote access is not required.By Anon on March 25, 2009, 5:39 pmI am seeing attacks on routers from infected Windows PC's on the private side of the router. No remote access is required. The only way to prevent this is to...
Reply | Read entire comment
Microsoft Router Security TesterBy Anon on March 25, 2009, 11:35 pmAll wireless home routers come with a default administrator user id and password which allows anyone within a 300 foot radius of your router to use your network...
Reply | Read entire comment
Wow you are so smart.By Anon on March 30, 2009, 1:08 pmWow you are so smart.
Reply | Read entire comment
View all comments