Friday, March 27, 2009

psyb0t Worm Hacking Home Router

What is psyb0t? It's the stealth botnet worm that has been in the wild hacking routers all over the world. Well, at least on planet Earth. Here are some of the "confirmed" characteristics of the worm:
  • is the first botnet worm to target routers and DSL modems
  • contains shellcode for many mipsel devices
  • is not targeting PCs or servers
  • uses multiple strategies for exploitation, including bruteforce username and password combinations
  • harvests usernames and passwords through deep packet inspection
  • can scan for exploitable phpMyAdmin and MySQL servers
It sounds to me like OpenWRT/DD-WRT is a sitting duck for this. Owners of most of the devices that can be modded with these firmwares should probably watch out for this worm. I heard even Tomato is affected.

While I do not have the sample of the worm now, all I can advise is:

Change the admin account to something else, like littleteddybear66.
Change the password (I hope you are not using the default!!!) to something strong. I would call 10 characters, upper + lower + symbol + number, strong.


