New malware infects routers instead of PCs

[Deleted member 178]

Just when you think you're well protected from bad things happening online, imagine a piece of malware that was able to attach itself to the firmware running on a wireless router. This new malware would avoid detection by antivirus software running on the computers connected to the router. According to Czech computer researchers, they've identified a piece of malware that can reside on a router, using it as to monitor a broadband connection to steal personal information. Code named "Chuck Norris," the malware also connects infected routers to a botnet that could be used to attack other systems on the Internet.

This article indicates that the Chuck Norris malware attacks routers remotely, guessing at the security passwords until it successfully penetrates router security. Then it installs itself onto the router's firmware.

Since the malware resides on the router, it's immune to anti-malware programs on a user's computer, even if that computer connects to the infected router. The only way to eliminate the malware is to reinstall the router's firmware.

If you haven't already done so, you might want to change the default password that came with your router. The best defense against this malware is a strong router password to avoid the malware's password guessing scheme. To be totally safe, if you had a fairly simple password, you may want to reinstall your firmware when you update your password.

Link: http://www.michaelsinsight.com/2010/02/new-malware-infects-routers-instead-of-pcs.html


reset the router, update the firmware, malware eradicated.

 

[win7holic]

fortunately I use a USB modem.
hehe.
I probably safe from this threat.

 

[moonshine]

Got my Home router locked down with a long and secure password but I'll still take notice with this malware.

 

[WinAndLinuxTutorials]

Our router is password protected but the password is a bit weak, do I have to change it?

 

[Deleted member 178]

if changing it will give you peace of mind , yes

 

[AyeAyeCaptain]

Scary to think how many people have routers that are left at default or with no password at all... If they're unlucky enough to be hit by this then the chances are they're not savvy enough to even know anything has happened, let alone how to fix it.

 

[network86]

I had just asked if this was possible in another post. Ha!

 

[jamescv7]

Combination of Letters and Symbols surely malware will be failed to penetrate the router.

Since the malware knows any simple and weak passwords.

 

[AyeAyeCaptain]

Combination of Letters and Symbols surely malware will be failed to penetrate the router.

Since the malware knows any simple and weak passwords.

Yeah, avoids dictinary attacks then...

 

[Jack]

Love the name : Chuck Norris :this-is-sparta: ...... But using brute force..........Did this type of attack ever work in real life?.........
Lets just hope the real Chuck Norris won't stumble upon this threat....because this piece of malware will have a hard day.....

 

[Ink]

I'm still unclear to how it exactly infects the router. :huh:

 

[LochNess]

Thanks for Information...

I'm sure anything is possible... but, a long password with upper/lowercase, symbols and numbers (changed regularly) is pretty tough to break... even, using brute force... If a 'bona fide' hacker wants my pc I'm sure I'm 'cooked' but a good password cannot be 'underestimated'... jmo ... Still, it's certainly 'food for thought'... I'm still not certain about how it would integrate with modem...

Now, since I gave my assessment of the situation, I'll probably I'll be the next to get 'hacked to death'... ;-)

I'm sure we have some 'super sleuths' who visit this site... be nice to me... :-{

 

[Exorcizm]

Thanks for Information...

I'm sure anything is possible... but, a long password with upper/lowercase, symbols and numbers (changed regularly) is pretty tough to break... even, using brute force... If a 'bona fide' hacker wants my pc I'm sure I'm 'cooked' but a good password cannot be 'underestimated'... jmo ... Still, it's certainly 'food for thought'... I'm still not certain about how it would integrate with modem...

Now, since I gave my assessment of the situation, I'll probably I'll be the next to get 'hacked to death'... ;-)

I'm sure we have some 'super sleuths' who visit this site... be nice to me... :-{

I love this, found it funny I'm sure you'll be just fine, nice assessment

 

[Hungry Man]

Which firmware does this work on?

I'm using DDWRT. I use a strong router password. So many people don't though and it's easy as hell to get on.

 

[Deleted member 178]

I'm still unclear to how it exactly infects the router. :huh:

yes a bit unclear, but if i understand, it stay on windows, try to brute force the router's password, then inject itself into the firmware.

 

[Exorcizm]

I'm still unclear to how it exactly infects the router. :huh:

yes a bit unclear, but if i understand, it stay on windows, try to brute force the router's password, then inject itself into the firmware.

That's what i was thinking, seeing as it does make sense and all

 

[WinAndLinuxTutorials]

if changing it will give you peace of mind , yes

I went to the password checker of microsoft to check the password's strength:
Before: Weak
After changing password: Strong

Do you think everything is good now?

 

[Deleted member 178]

yes, first you have few chances to cross it, second you did what make it harder to infect you. you can sleep peacefully now

 

[WinAndLinuxTutorials]

you can sleep peacefully now

Am I right if I said that the easiest one to get infected is the unsecured wireless router?

 

[Deleted member 178]

unsecure computer first then unsecured router.