A so-called Chuck Norris botnet is hijacking poorly-configured routers and DSL modems. According to ComputerWorld, the botnet spreads by malware that installs itself on routers and modems by guessing the default administrative password and seizing control due to many devices being configured to allow remote access. Masaryk …
We are all DOOMED...
Chuck Norris' beard is barbed wire soaked in ox blood and held together by the souls of mortals.
Chuck Norris has no chin...
...Underneath his beard is another fist.
Best sub title ever
I'm going to have to replace the virtual keyboard on my phone now.
There's something not right here...
'because of a comment in its source code that reads: "in nome di Chuck Norris."'
Really? Where did he get the source code? I didn't realise that malware was now spread in a way that means the victim needs to build it themselves.
Or did he actually /scritto/ it himself ;-)
Hmm. Scientist of black helicopter? Neither, if systems are now sharing source code including comments, then this must be RotM.
"Chuck Norris can be removed by restarting the device."
We all know that Chuck Norris can never be removed unless he wants to be - anyone who tries gets round-house kicked into submission.
"blocks remote communication ports"
Eh ? What are those ? Are they different from the ports I have on my PC ? Is the HTTP port (80) a "remote communication port" ? If so, can the PC still access the Web when the malware is active ?
I would suppose so, otherwise the user would wizen up to the fact that his 'puter has been haxx0red, right ?
It was probably suggesting remote administration ports to the router/DSL modem. The article stated it redirects port 80 (from internal to external at least) to a malware-loaded website.
You omitted "Superman wears Chuck Norris pyjamas" and "when the bogeyman goes to bed, he checks beneath it for Chuck Norris".
Even Chuck Norris...
...steers clear of the Moderatrix when she's had to go through a million "Chuck Norris" comments...
Can I just say
Chuck Norris can slam a revolving door.
"noted for playing Russian Roulette with a full-loaded pistol and winning"
Playmobile or it did not happen!
Chuck Norris writes articles for WorldNetDaily and still gets taken seriously. He's that hard.
Chuck Norris's tears can cure all known diseases. But Chuck Norris never cries. Ever.
That Chuck Norris walked into a Burger king and asked for a big mac...
and got one.
And when he jumps in the pool, he doesn't get wet. The water get's chuck'd.
Chuck Norris can ...
... divide by zero
norris aside. All these routers run loonix ?
Back to closed source obscure netstacks it is ...
You miss the point.
It's not the OS that's at issue here, it's the brain-dead way most of the devices are configured. The real core of the attack is just a brute force using a list of known default logins and passwords (the single D-Link vulnerability aside). It boggles the mind why these devices aren't configured to require you to pick a new password at least when you first log into them, and for that matter they really should disable administrative access from the outbound ports (there are however ways to get around that if you abuse UPnP or bounce through a compromised system inside the network). Ultimately nothing is going to make these devices 100% secure, but we could at least make them have to work for it a little. I can't tell you how many times I've been able to log into someones how router to fix an issue just by guessing admin/admin.
yeah, that bad Linux...
and those weak passwords.
Oh wait, ..... Vincent, you did read that part?
Oh dear. I'd hate to be in the amount of shit you're going to be in when Chuck notices that. And he will. One day. Soon.
- Boffins attempt to prove the UNIVERSE IS JUST A HOLOGRAM
- China building SUPERSONIC SUBMARINE that travels in a BUBBLE
- Review Raspberry Pi B+: PHWOAR, get a load of those pins
- That 8TB Seagate MONSTER? It's HERE... (You'll have to squint, 'cos there are no specs)
- Review Reg man looks through a Glass, darkly: Google's toy ploy or killer tech specs?