Security Alert Widely used D-Link modem/router under mass attack by potent IoT botnet

LASER_oneXM

Level 28
Content Creator
Verified
Joined
Feb 4, 2016
Messages
1,773
OS
Windows 8.1
Antivirus
Kaspersky
#1
Malicious hackers are mass exploiting a critical vulnerability in D-Link DSL routers in an attempt to make them part of Satori, the potent Internet-of-things botnet that is used to take down websites and mine digital coins, researchers said.

Since making its debut late last year, Satori has proven to be a particularly versatile and sophisticated botnet. It made a name for itself in December when it infected more than 100,000 Internet-connected devices in just 12 hours by exploiting remote code-execution vulnerabilities in Huawei and RealTek routers. A month later, Satori operators released a new version that infected devices used to mine digital coins, proving that the IoT botnet could also take control of more traditional computing devices. In February, Satori resurfaced when it infected tens of thousands of routers manufactured by Dasan Networks.
Over the past five days, researchers said, Satori has started mass exploiting a critical vulnerability in the D-Link DSL 2750B, a combination router and DSL modem that’s used by subscribers of Verizon and other ISPs. Attack code exploiting the two-year-old remote code-execution vulnerability was published last month, although Satori’s customized payload delivers a worm. That means infections can spread from device to device with no end-user interaction required. D-Link’s website doesn’t show a patch being available for the unindexed vulnerability, and D-Link representatives didn’t respond to an email seeking comment for this post.


Researchers with Netlab 360 first reported Satori was exploiting the D-Link vulnerability in a blog post published Friday. They also said Satori had started exploiting a vulnerability in a router made by XiongMai. On Tuesday, researchers from Radware reported seeing an “exponential increase in the number of attack sources” for attacks on both the D-Link and XiongMai devices.
 

upnorth

Level 24
Verified
Joined
Jul 27, 2015
Messages
1,342
#2
The D-Link router is pretty old and it's latest firmware is from 15/05/2013 and as I doubt D-Link will bother release an update it's probably best to throw this out and change if possible. If Verizon wants to supply routers it's also there damn responsibility IMO to have routers that gets regular updates or otherwise don't supply it at all.

DSL‑2750B - Wireless N300 ADSL2+ Modem Router