Advertisement

Article

The Moon malware spreading through Linksys routers

The Moon malware spreading through Linksys routers
Jonathan Riggall

Jonathan Riggall

  • Updated:

A piece of malware called ‘the moon‘ is spreading through Linksys routers. While the malware has been detected, it’s not clear what it does yet. It could be used to create a botnet, or steal information that passes through the router.

The Moon is self replicating, and exploits a vulnerability in Linksys wireless routers. Some routers have firmware with a security flaw, and the malware can identify if this firmware is present to hack the device. The routers that could be affected are as follows: Linksys E4200 , E3200 , E3000 , E2500 , E2100L , E2000 , E1550 , E1500 , E1200 , E1000 , E900 , E300 , WAG320N , WAP300N , WAP610N , WES610N , WET610N , WRT610N , WRT600N , WRT400N , WRT320N , WRT160N and WRT150N.

If you own a router in this list, it is recommended to disable ‘Remote Administration’ in your router settings, and to create a list of trusted devices that can connect to it (meaning only the computers etc that you define will be able to access your wifi). Your router settings can generally be accessed by putting 192.168.1.1 into your browser, and then entering your username and password. Many people never check their router settings, and most have the default username and password ‘admin’.

However, if you are not comfortable with changing router settings, Linksys is aware of the security hole, and should close it in an upcoming firmware update.

RELATED STORIES

[Source: The Hacker News]

Jonathan Riggall

Jonathan Riggall

Latest from Jonathan Riggall

Editorial Guidelines