DroneBL DDosed by DSL Modems and Routers infected by Botnet Worm
“The people who bring you the DroneBL DNS Blacklist services, while investigating an ongoing DDoS incident, have discovered a botnet composed of exploited DSL modems and routers. OpenWRT/DD-WRT devices all appear to be vulnerable. What makes this worm impressive is the sophisticated nature of the bot, and the potential damage it can do not only to an unknowing end user, but to small businesses using non-commercial Internet connections, and to the unknowing public taking advantage of free Wi-Fi services. The botnet is believed to have infected 100,000 hosts.”
Poorly configured devices that allow remote administration access from the WAN side, combined with weak passwords for root, appears to be the reason for the successful proliferation of the worm.
Via Slashdot
Leave a Comment...
You must be logged in to post a comment.
Ruan is a resolute technophile that is currently devoted to the professional practice of Information Technology Management. In his free time Ruan pursues various interests including the study of Information Security practices and the exploration of visual culture through contemporary photography and communication design.
- pfSense 2 log visualization with glTail on OSX Lion
5:58 pm, December 5, 2011 - NIST Releases Secure Cloud Computing Guidelines
11:54 am, September 15, 2011 - MIT researchers craft defense against wireless man-in-middle attacks
9:16 am, August 26, 2011 - EU Upset by Warning About US Access to EU Cloud
1:34 pm, July 6, 2011 - RSA comes clean: SecurID is compromised
7:34 pm, June 7, 2011