Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Security United States Wireless Networking

Foul-Mouthed Worm Takes Control Of Wireless ISPs Around the Globe (arstechnica.com) 36

Dan Goodin, reporting for Ars Technica (edited and condensed): ISPs around the world are being attacked by self-replicating malware that can take complete control of widely used wireless networking equipment, according to reports from customers. San Jose, California-based Ubiquiti Networks confirmed recently that attackers are actively targeting a flaw in AirOS, the Linux-based firmware that runs the wireless routers, access points, and other gear sold by the company. The vulnerability, which allows attackers to gain access to the devices over HTTP and HTTPS connections without authenticating themselves, was patched last July, but the fix wasn't widely installed. Many customers claimed they never received notification of the threat.ISPs in Argentina, Spain, Brazil have been attacked by the worm, said Nico Waisman, a research at security firm Immunity, adding that it's likely that ISPs in the U.S. and other places have also been attacked by the same malware. From the report, "Once successful, the exploit he examined replaces the password files of an infected device and then scans the network it's on for other vulnerable gear. After a certain amount of time, the worm resets infected devices to their factory default configurations, with the exception of leaving behind a backdoor account, and then disappears."
This discussion has been archived. No new comments can be posted.

Foul-Mouthed Worm Takes Control Of Wireless ISPs Around the Globe

Comments Filter:
  • Foul-Mouthed (Score:5, Informative)

    by Megahard ( 1053072 ) on Friday May 20, 2016 @12:35PM (#52150209)

    The backdoor it leaves behind has a username of "mother" and a password that almost rhymes.

  • by The-Ixian ( 168184 ) on Friday May 20, 2016 @12:46PM (#52150307)

    Patched almost a year ago, apparently... so... I would fault ISP admins for not having a patch cycle...

    Many customers claimed they never received notification of the threat

    In this day-and-age if you are not proactive in your network security, it's on you.

    • Average people setting up average home networks are on average, unable to patch anything.

      Average people don't care until it is too late, and then it is too late to care. (file under "Its all over but the crying")

      Really, when was the last time you checked the Vulnerability list for your home networking products? And when was the last time before that?

      • by tlhIngan ( 30335 ) <slashdotNO@SPAMworf.net> on Friday May 20, 2016 @02:56PM (#52151231)

        Average people setting up average home networks are on average, unable to patch anything.

        Average people don't care until it is too late, and then it is too late to care. (file under "Its all over but the crying")

        Really, when was the last time you checked the Vulnerability list for your home networking products? And when was the last time before that?

        These aren't average people, unless average people run wireless ISPs.

        And these aren't regular consumer grade wireless hardware, these are carrier-grade wireless hardware.

        SO yeah, you hope the system administrators at your ISP know what they're doing, applying patches and all that, like any good admin who administers their company's servers.

  • Foul-Mouthed

    If you're going to lead with that, you should at least explain it in the summary.

  • Comment removed based on user account deletion

I had the rare misfortune of being one of the first people to try and implement a PL/1 compiler. -- T. Cheatham

Working...