New Botnet Worm 'Psyb0t' Targets Modems, Routers
A new type of worm has been reported to infect 55 different home-based routers and DSL/cable modems has been discovered. Originating in Australia, Psyb0t, is the first worm capable of infecting residential routers and modems, including common brands like Linksys and Netgear.
A blog post from DroneBL researchers says that Psyb0t (also known as Bluepill) is suspected of infecting at least 100,000 hosts. (Source: dronebl.org)
Check Your Vulnerability
According to DroneBL, you're only vulnerable if:
- Your network device is a mipsel device
- Your device allows telnet, SSH or web-based interfaces via the Wide Area Network (WAN)
- Your username and password combinations are weak, or the daemons that your firmware uses are exploitable
Devices using custom firmware such as OpenWRT and DD-Wrt are also vulnerable. The routers and modems that end up infected do so typically because of an incorrect or lax configuration. (Source: dronebl.org)
Plenty Of Time to Infect Devices
Many routers allow unlimited attempts to enter the correct username and password, which makes them a perfect target. Since most routers and modems are usually on 24 hours a day, the worm (which is powered through a botnet) has plenty of time to try gaining access.
Psyb0t is hard to detect and most home users may not be aware that they're infected. Once infected, the worm carries out commands from the author, creating a botnet.
Threat Posed by Psyb0t May be Overstated
APC Magazine reports that the botnet capabilities for this worm are no longer active. (Source: pcworld.com)
The DroneBL blog says that the threat posed by Psyb0t is overstated. However, its appearance is troubling since it is so hard to detect and could be used to steal a user's personal information. (Source: dronebl.org)
Regardless, it's very important to take precautionary measures such as making sure you don't use the default password and username that came with your modem / router (for example). Don't use weak or easy-to-guess passwords and usernames, either.
If you're afraid you may be infected, performing a simple factory reset will kill the worm, but then you'll have to make sure to change your default user name / password login. (Source: pcworld.com)
More information on the Psyb0t worm can be found from the DroneBL blog.
Visit Bill's Links and More for more great tips, just like this one!
Infopackets Top Windows 10 FAQs
How to Upgrade from Windows 10 32-bit to 64-bit
How to Fix: Windows 10 Antivirus Missing, Not Compatible
How to Fix: Windows 10 Display Shifted; Screen Fuzzy
How to Upgrade Windows 7, 8 32-bit to Windows 10 64-bit
to Downgrade from Windows 10
- How to Fix: Windows 10 Upgrade Failed Error C1900208
- How to Fix: Windows 10 Upgrade Failed Error 80240020
- Can I Cancel my Windows 10 Reservation and Reserve Later?
- How to Clean Install Windows 10 using Windows 7, 8 License
- Will Windows 10 Install Automatically?
- Windows 10 Upgrade: Do I have to Reinstall Programs?
- Windows 10 Upgrade: Can I choose 32-bit or 64-bit?
- Which Version of Windows 10 Will I Get (Home or Pro)?
- How to Reserve Windows 10 Upgrade (Free)
- How to Fix: CPU Not Compatible with Windows 10 Error
- Windows 10 Upgrade: Can I keep my Old Windows Install?
- How to Cancel Windows 10 Reservation (Properly)
- Download Windows 10 .ISO (DVD) for Clean Install?
- Microsoft: Windows 10 Will Be The Last Version
- Does Windows 10 require the CPU to support PAE?
- Windows 10: Can I Upgrade or do I need a Clean Install?
Click here for more Windows 10 articles.