[LINK] Psyb0t Attacks Linux Routers
Kim Holburn
kim at holburn.net
Fri Mar 27 19:47:47 AEDT 2009
http://www.linux-magazine.com/online/news/psyb0t_attacks_linux_routers_update
> Mar 26, 2009
>
> A botnet named psyb0t has been nesting for a few months in consumer
> devices that run on Linux with MIPS CPUs, notably routers. Infested
> devices connect through a botnet over a private Internet Relay Chat
> (IRC) server to await commands.
>
> Already in January Australian Terry Baume had written a short paper
> describing the psyb0t malware that was beginning to crop up in Linux
> systems. Most of these are DSL routers, in that they allow a greater
> level of stealth because they are online longer than individual PCs.
> A whole range of devices are affected that use the CPUs under Linux,
> among them various versions of OpenWRT. Attack vectors are primarily
> TELNET or SSH that listen on the device's WAN interface, accepting
> weak passwords (such as admin). According to reports, the malware
> has a number of attack tools built in, among them a network scanner
> and brute forcer.
--
Kim Holburn
IT Network & Security Consultant
Ph: +39 06 855 4294 M: +39 3494957443
mailto:kim at holburn.net aim://kimholburn
skype://kholburn - PGP Public Key on request
More information about the Link
mailing list