Worm turns Linux routers into botnet

By on
Worm turns Linux routers into botnet

The psyb0t worm appears to be in circulation since the start of the year and targets routers running Mipsel, a form of the Devian Linux distribution designed for MIPS processors.

The worm is believed to be the first of its kind and the researchers at DroneBL estimate it may have infiltrated as many as 100,000 routers.

The worm uses a brute force attack against the router by dictionary checking the username and passwords. This shows the exploitation is not an attack on the flaw in the operating system itself but against poor user security.

“90 per cent of the routers and modems participating in this botnet are participating due to user-error (the user themselves or otherwise). Unfortunately, it seems that some of the people covering this botnet do not understand this point, and it is making us look like a bunch of idiots,” said the DroneBL blog.

“Any device that meets the above criteria is vulnerable, including those built on custom firmware such as OpenWRT and DD-WRT. If the above criteria is not met, then the device is NOT vulnerable.”

Once installed psyb0t allows remote control of the router and infected hardware has already been used to take part in botnet attacks. It also uses deep packet inspection to try and harvest usernames and passwords for other sites.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
botnet distribution routers security worm

Partner Content

Kaseya Dattocon APAC 2024 is Back
Kaseya Dattocon APAC 2024 is Back
Ingram Micro Ushers in the Age of Ultra
Ingram Micro Ushers in the Age of Ultra
Build cybersecurity capability with award winning Fortinet training from Ingram Micro
Build cybersecurity capability with award winning Fortinet training from Ingram Micro
Channel can help lead customers to boosting workplace wellbeing with professional headsets
Channel can help lead customers to boosting workplace wellbeing with professional headsets
Tech For Good program gives purpose and strong business outcomes
Tech For Good program gives purpose and strong business outcomes

Sponsored Whitepapers

F5’s 2025 Report: Unlocking AI Success by Conquering App & API Complexity
F5’s 2025 Report: Unlocking AI Success by Conquering App & API Complexity
Driving Innovation and Sustainability through Hybrid IT and AI Solutions
Driving Innovation and Sustainability through Hybrid IT and AI Solutions
Easing the burden of Microsoft CSP management
Easing the burden of Microsoft CSP management
Stop Fraud Before It Starts: A Must-Read Guide for Safer Customer Communications
Stop Fraud Before It Starts: A Must-Read Guide for Safer Customer Communications
The Cybersecurity Playbook for Partners in Asia Pacific and Japan
The Cybersecurity Playbook for Partners in Asia Pacific and Japan

Events

techpartner.news Channel Leader List / Golf day
techpartner.news Channel Leader List / Golf day
techpartner.news Pipeline Conference 2025
techpartner.news Pipeline Conference 2025
Integrate Expo 2025
Integrate Expo 2025
Security Exhibition & Conference 2025
Security Exhibition & Conference 2025
techpartner.news Benchmark Security Awards 2025
techpartner.news Benchmark Security Awards 2025

Most read articles

NEXTGEN "realigns" structure

NEXTGEN "realigns" structure
The Aussie startup building an integration platform for MSPs and SIs

The Aussie startup building an integration platform for MSPs and SIs
Atturra's FY25 revenue to exceed $300m

Atturra's FY25 revenue to exceed $300m
Ingram Micro "grateful" for customers' support during cybersecurity incident

Ingram Micro "grateful" for customers' support during cybersecurity incident

Log in

Email:
Password:
  |  Forgot your password?