[LINK] Psyb0t Attacks Linux Routers
kim at holburn.net
Fri Mar 27 19:47:47 EST 2009
> Mar 26, 2009
> A botnet named psyb0t has been nesting for a few months in consumer
> devices that run on Linux with MIPS CPUs, notably routers. Infested
> devices connect through a botnet over a private Internet Relay Chat
> (IRC) server to await commands.
> Already in January Australian Terry Baume had written a short paper
> describing the psyb0t malware that was beginning to crop up in Linux
> systems. Most of these are DSL routers, in that they allow a greater
> level of stealth because they are online longer than individual PCs.
> A whole range of devices are affected that use the CPUs under Linux,
> among them various versions of OpenWRT. Attack vectors are primarily
> TELNET or SSH that listen on the device's WAN interface, accepting
> weak passwords (such as admin). According to reports, the malware
> has a number of attack tools built in, among them a network scanner
> and brute forcer.
IT Network & Security Consultant
Ph: +39 06 855 4294 M: +39 3494957443
mailto:kim at holburn.net aim://kimholburn
skype://kholburn - PGP Public Key on request
More information about the Link