Routers with poor passwords at risk from Chuck Norris

Filed Under: Malware

Chuck Norris
Have you changed the password on your home router, or are you still using the default password it shipped with?

Well, a new malware attack named after a cult action movie star might make you wake up to the risk you could be running.

As ComputerWorld reports, the network security department at Masaryk University's Institute of Computer Science in Brno have discovered a new example of malware that installs itself on routers and DSL modems by cracking admin passwords.

Of course, the malware finds it much easier to break into your router if you're using an easy-to-guess password or - even more recklessly - the one the device shipped with.

The Czech researchers have dubbed the threat Chuck Norris as a comment in the source code reads in Italian "in nome di Chuck Norris", which means "in the name of Chuck Norris".

The attack is actually a collection of various different pieces of malware, based upon an older IRC bot and combined with a tool to scan for weak passwords. Sophos detects the various components as W32/Mytob-KN, Troj/Batten-A, Exp/MS04011-A and Troj/DwnLdr-IBH.

It's important to realise that the worm spreads via traditional means - from Windows computer to Windows computer - so it would be wrong to describe this a worm router.

Make sure that you have chosen a strong password on your router and DSL modem, that your anti-malware protection is up-to-date, and avoid allowing any of your computers to be recruited by the Chuck Norris botnet.

, , ,

You might like

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.