What Wireless router do you have at your House or Office? If it is a Linksys Router, you could be in the risk to new viruses that strikes your firmware and copies itself.
To crack the Wi-fi router, malware remotely calls the Home
Network Administration Protocol (HNAP), allows recognition, settings and
control over networking devices.
The Malware first demand the design and firmware version of
the router using HNAP and if the product founds vulnerable, it delivers a CGI script
exploit to get the local control performance access to the device.
Linksys's parent company has verified that HNAP1 execution
has a protection defect whose exploit code is openly available on the Internet.
“(There are about 670 different IP ranges that it scans for
other wireless routers. They appear to all are part of different cable modem
and DSL ISPs. They are assigned somewhat worldwide),”
‘To what level this worms can be dangerous’ is yet a
query.
“We are still working
on research what it exactly does. However, so far, it looks like all it does is
spread (which is why we call it a worm). It may have a ‘call-home’ feature that
will review on their behavior when it infected new hosts.”
If you get an XML HNAP response, you are likely to be
offended for the worm affecting Linksys devices and some safety actions are to
be taken. Also, keep an eye on the records of slot 80 and 8080.
Users are suggested to turn off Remote Administration of
their system or limit the administration right to a limited number of trusted
reliable IP details.
No comments:
Post a Comment