- Jan 24, 2011
- 9,378
Security researchers warn of a new trojan that infects home routers by performing brute force attacks against their administration interfaces.
According to security vendor Trend Micro, the trojan is predominantly found in Latin America, which is also possibly where it originated.
It functions as an .ELF file, an executable format used on many UNIX-like operating systems such as Linux, Solaris, xBSD, and so on.
Preliminary investigation suggests the trojan is capable of mounting brute force attacks against routers using a predefined list of usernames and passwords.
So far it's certain that it targets routers produced by D-Link, however, Trend Micro researchers don't exclude the possibility of the trojan working on others as well.
Detected as ELF_TSUNAMI.R, the malware displays botnet capabilities. Infected devices connect to an IRC server where they listen for commands from attackers.
There is not much detailed information about it at this point because analysis is ongoing, but this is not the first time when malware has targeted routers.
More details -link
According to security vendor Trend Micro, the trojan is predominantly found in Latin America, which is also possibly where it originated.
It functions as an .ELF file, an executable format used on many UNIX-like operating systems such as Linux, Solaris, xBSD, and so on.
Preliminary investigation suggests the trojan is capable of mounting brute force attacks against routers using a predefined list of usernames and passwords.
So far it's certain that it targets routers produced by D-Link, however, Trend Micro researchers don't exclude the possibility of the trojan working on others as well.
Detected as ELF_TSUNAMI.R, the malware displays botnet capabilities. Infected devices connect to an IRC server where they listen for commands from attackers.
There is not much detailed information about it at this point because analysis is ongoing, but this is not the first time when malware has targeted routers.
More details -link
