Two router options, both of which I’ve said are security risks (see This Router Configuration Option Can Be Dangerous), can now be exploited to turn routers into zombie botnet members. My latest post at Security Corner, Worm Targets Home Networking Equipment, gives details and references to more news items. You can read those if you want, but for now, here’s what you should immediately do:
- Power cycle your router.
- Disable WAN-facing telnet, SSH or web-based configuration interfaces.
- Change the passwords to something unguessable (see this article).
- Upgrade to the latest firmware.
If you’re not sure how to handle this, find a geek who can. While the hacker who wrote this worm appears to have disabled the botnet’s control center, others will follow and it could get ugly.
You should also read and apply the Safe Computing Tips available as a free PDF download. Just click on the link to the right.
As always, I’m looking out for you.