Linux routers and modems targeted by ‘Psybot’
Researchers estimate that 100,000 users could be part of a botnet targeting badly-configured Linux modems and routers.
Researchers have warned of a new botnet worm called psyb0t' that targets both exploited DSL modems and routers.
According to a blog post, DroneBL researchers said that this was the first known botnet targeting home routers and cable/dsl modems, with an estimated 100,000 devices infected.
They said: "The technique is one to be extremely concerned about because most end users will not know their network has been hacked, or the router is exploited.
"This means that in the future, this could be an attack vector for the theft of personally identifying information."
DroneBL said that most of the vulnerable devices were mipsel devices that had weak usernames and passwords or other errors.
They commented that the author of the worm used sophisticated programming language which used different strategies to break in to devices, and that action needed to be taken before the worm grew larger.
The botnet was found as part of DroneBL investigation into DDoS attacks against their infrastructure.
Sign up today and you will receive a free copy of our Future Focus 2026 report - the leading resource for IT decision-maker insight on priorities and investment areas in AI, security and more.
-
Jitterbit eyes global growth under new CRO Chris StoddardNews The former New Relic executive will lead the vendor’s worldwide go-to-market strategy and revenue growth plans
-
This one cyber crime group accounted for nearly a fifth of all ransomware attacks in JuneNews The Gentlemen, a ransomware a service operator, now accounts for 17% of published attacks
-
Security experts sound alarm over 'expanded' China-linked botnet used to target US critical infrastructure and military assetsNews The China-linked botnet highlights risk of leaving routers and IoT devices unpatched
-
Thousands of Asus routers are being used to fuel a massive cyber crime spreeNews Black Lotus Labs has spotted a massive botnet of Asus routers built by malware that uses a common peer networking tool
-
Europol hails triple takedown with Rhadamanthys, VenomRAT, and Elysium sting operationsNews The Rhadamanthys infostealer operation is one of the latest victims of Europol's Operation Endgame, with more than a thousand servers taken down
-
Seized database helps Europol snare botnet customers in ‘Operation Endgame’ follow-up stingNews Europol has detained several people believed to be involved in a botnet operation as part of a follow-up to a major takedown last year.
-
Horabot campaign targeted businesses for more than two years before finally being discoveredNews The newly-discovered Horabot botnet has attacked companies in the accounting, investment, and construction sectors in particular
-
UK crime fighters wrangle “several thousand” potential cyber criminals in DDoS-for-hire honeypotNews The sting follows a recent crackdown on DDoS-for-hire services globally
-
Brand-new Emotet campaign socially engineers its way from detectionNews This latest resurgence follows a three-month hiatus and tricks users into re-enabling dangerous VBA macros
-
US begins seizure of 48 DDoS-for-hire services following global investigationNews Six people have been arrested who allegedly oversaw computer attacks launched using booters