New botnet targets home routers and modems

Tools

A new piece of malware is making its rounds, this time targeting consumer routers and DSL modems. First discovered by the folks behind the DroneBL DNS Blacklist services, Psybot ignores PCs and services, and attempts to exploit linux mipsel routing devices with a router administration interface or outward-facing SSH or telnet daemon. Such devices with weak usernames and passwords are likely to fall prey. Up to 100,000 hosts are believed to be infected as part of a botnet at the moment.

Other than carrying out DDoS attacks, Psybot is also able to search for systems running vulnerable versions of the popular phpMyAdmin and MySQL software to exploit. Perhaps what is more worrying is the fact that the unique vantage point of the malware at the Internet router lends itself to easily harvest user names and passwords.

For more on this story:
- check out this blog at the DroneBL Blog
- check out this article at The Register

Related Articles:
Botnet mastermind sentenced to four years
ID thieves hard at work in '09
Monster.com orders new passwords
The coolest hacks of the year