Infosec miscreants are peddling malware that will KO your router

Malware targeting embedded devices such as routers rather than computers is doing the rounds. A new and improved version of Kaiten, an Internet Relay Chat (IRC)-controlled malware typically used to carry out distributed denial-of-service (DDoS) attacks, is spreading, security firm ESET warns. KTN-Remastered or KTN-RM features …

  1. Youngone Silver badge

    What Security?

    I'm going to assume that this relies on people not changing the default logins on their ISP supplied router.

    "Surely everyone does that" I hear you say.

    Apparently not.

    1. Pookietoo

      Re: What Security?

      It sounds as if it relies on people not disabling remote login. :-o

      1. Anonymous Coward

        @Pookietoo - Re: What Security?

        Yeap! Like some ISPs for example.

      2. Jeffrey Nonken

        Re: What Security?

        Telnet logon. I didn't see any other vector in TFA, though I admit I read it rather quickly. Do router companies really leave that on by default? I noticed the option in e.g. my last router (Asus RT-AC68R) but I don't remember having to disable it. Granted my memory is vague on that.

        Why would anybody turn that on?

  2. Anonymous Coward

    "nasty surprise"?

    So where's the "nasty surprise in store if you try and kill it"?

    1. Anonymous South African Coward Bronze badge

      Re: "nasty surprise"?

      Also want to know what's in store for you should you try and kill it... all I can guess is that it bricks the device solid, with no chance of recovery.

    2. Jeffrey Nonken

      Re: "nasty surprise"?

      I was trying to find that myself. Didn't notice anything in the linked article.

  3. Anonymous South African Coward Bronze badge

    And this kind of thing makes me wonder just how safe or secure some of the devices out there really are. Going to be interesting.

    Bonus point for said malware if it kills off vast swathes of botnets and zombies.

    1. Hargrove

      Not very would be a good guess

      @ Anonymous South African Coward

      A couple of weeks ago I posted the following in the Forums. I found Goodman's book an interesting read on the subject.

      http://forums.theregister.co.uk/forum/1/2016/03/15/Hargrove_Anyone_for_a_Book_Discussion_Marc_Goodman_Future_Crimes/?post_received=2826108#c_2826108

      Frankly I see no way that the users of IT can defend themselves against the growing malware threat in the current operating environment. That is:

      Software suppliers who require that users accept downloads of countless thousands of lines of executable code whose only purpose is to provide economic and competitive advantage to the vendor. This is code that runs in the background, that cannot be easily removed by the average user. In many cases, unwanted functions are bundled with essential functions in such a way as to preclude their removal. The user can disable them. But again, in many cases, this only disables the user interface. The programs stay on the system, and run in the background doing God knows what. . . I as the owner of the system in question certainly do not. And the vendors do everything in their power to ensure that I as the owner/customer do not have easy access to that knowledge.

      Fundamentally, each and every one of these unwanted components is a potential vector for malware.

      Those who govern, particularly here in the US, have been fully complicit in creating this operating environment. The practices and policies established under the veil of the Federal Information Security Management Act have been a key contributor, as have the restrictions on and impediments to use and development of effective cybersecurity technologies.

      It's been 45 years since I had the IT chops to program in machine language by poking the individual indicator light/switches on the front panel of a Navy tactical computer. But I fancy I still have a feel for the territory. I was edified to see that other commenters--who are clearly more knowledgeable on current technology than I am--had some of the same questions about this threat.

      If those who sell and govern gave a rat's ass about the security of their customers, the answers would be universally available. As it is, end-users are forced to rely on crowd-sourced Communities, half of whom appear to be shills for the company, parroting back steps that don't work, the other half of whom are guessing--usually that something that didn't work for W7 might work for W10. It is to weep.

      A side note. Downloading W10 opened a Pandora's box of unanticipated complications for me. Will spare the details, but in the process, I wound up contacting customer support for my router. The tech expressed great surprise when he couldn't access the router remotely, with the default "password."

      Effective security is impossible under these conditions.
