“A self-replicating program is infecting Linksys routers by exploiting an authentication bypass vulnerability in various models from the vendor’s E-Series product line,” Lucian Constantin reports for PCWorld.
“The attacks seem to be the result of a worm—a self-replicating program—that compromises Linksys routers and then uses those routers to scan for other vulnerable devices,” Constantin reports. “‘At this point, we are aware of a worm that is spreading among various models of Linksys routers,’ said Johannes Ullrich, the chief technology officer at SANS ISC, in a separate blog post. ‘We do not have a definite list of routers that are vulnerable, but the following routers may be vulnerable depending on firmware version: E4200b, E3200, E3000, E2500, E2100L, E2000, E1550, E1500, E1200, E1000, E900.’”
“The worm…has been dubbed ‘TheMoon’ because it contains the logo of Lunar Industries, a fictitious company from the 2009 movie ‘The Moon,’” Constantin reports. “It’s not clear what the purpose of the malware is other than spreading to additional devices. There are some strings in the binary that suggest the existence of a command-and-control server, which would make the threat a botnet that attackers could control remotely. Linksys is aware of the vulnerability in some E-Series routers and is working on a fix, said Mike Duin, a spokesman for Linksys owner Belkin, in an email Friday.”
Read more in the full article here.
Apparently the NSA left the door open behind them.
Yet another blow to the myth of security through obscurity.
These particular Linksys routers are something of a niche product, yet a successful self-replicating worm has been created to exploit them.
I think you answered your own question. A “niche product” is likely one that does not get the highest level of security scrutiny by Linksys software engineers and so it is more likely to have weak security, not stronger.
I’d be interested in how much memory space this potential bot has to play around in on these routers. Knowing this would help define the capabilities a bot could have.
Anyway, Linksys has had plenty of security problems recently! I hope Linksys doesn’t sit on this one. It’s a whopper.
The movie is called just ‘Moon’, not ‘The Moon’. And Belkin just bought Linksys - looks like they inherited this problem.
So what does this mean for Macs? Anything? Nothing? Maybe? Who cares?
And that folks, is why you need AirPort Extreme routers.
Linksys just got mooned.