Linux Worm Targeting Hidden Devices

HardOCP News · Nov 29, 2013

Now would probably be a good time to update your router and change that default password.

Symantec has discovered a new Linux worm that appears to be engineered to target the “Internet of things”. The worm is capable of attacking a range of small, Internet-enabled devices in addition to traditional computers. Variants exist for chip architectures usually found in devices such as home routers, set-top boxes and security cameras. Although no attacks against these devices have been found in the wild, many users may not realize they are at risk, since they are unaware they own devices that run Linux.

pxc · Nov 29, 2013

This is why I insisted on Windows 8.1 for my home consumer-grade router. /derp

Sp33dFr33k · Nov 29, 2013

Fortunately the makers of routers, ip cameras , etc are always vigilant about updating their firmware to stay one step ahead.

MoFoQ · Nov 29, 2013

and currently, the worm targets php-cgi vulnerabilities on intel x86 based devices.
Those running ARM or MIPS or other stuff (typical for home routers) should be safe for the time being.

that said, not using default passwords or trivial ones is always a good practice.
For my routers, I tend to set the root password to something ridonculous (https://www.grc.com/passwords.htm) like a 63-character string.

Ashbringer · Nov 29, 2013

I think Symantec is asking for router makes to include their software onto the routers.

heatlesssun · Nov 29, 2013

pxc said:
This is why I insisted on Windows 8.1 for my home consumer-grade router. /derp

And they say I'm always bringing up Windows 8.

Exavior · Nov 29, 2013

Sp33dFr33k said:
Fortunately the makers of routers, ip cameras , etc are always vigilant about updating their firmware to stay one step ahead.

Doesn't matter. How often do USERS install said upgrades? People know they should update their computers. But their routers, switches, blu-Ray players, microwaves (those probably run Linux and/or java by now

) people don't upgrade as they don't know know they should

Stoly · Nov 29, 2013

There is no malware for linux. /end thread

BBA · Nov 29, 2013

Stoly said:
There is no malware for linux. /end thread

LOL...sure buddy.

Stoly · Nov 29, 2013

BBA said:
LOL...sure buddy.

nor OSX of course

Ashbringer · Nov 29, 2013

Stoly said:
There is no malware for linux. /end thread

Believe it or not, Ubuntu released a fix for this over a year ago. It won't effect you at all as long as you don't have PHP-cgi installed. So yea, this is strictly for out dated routers.

dyzophoria · Nov 29, 2013

Sp33dFr33k said:
Fortunately the makers of routers, ip cameras , etc are always vigilant about updating their firmware to stay one step ahead.

this is sarcasm right?

xX_Jack_Carver_Xx · Nov 30, 2013

Does this mean I have to give up my Linus WRT54GS? The company doesn't even have the most recent update online anymore, and that was from 2008.

Linux Worm Targeting Hidden Devices

HardOCP News

[H] News

pxc

Extremely [H]

Sp33dFr33k

2[H]4U

MoFoQ

Gawd

Ashbringer

Supreme [H]ardness

heatlesssun

Extremely [H]

Exavior

[H]F Junkie

Stoly

Supreme [H]ardness

BBA

Supreme [H]ardness

Stoly

Supreme [H]ardness

Ashbringer

Supreme [H]ardness

dyzophoria

Gawd

xX_Jack_Carver_Xx

2[H]4U