Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Worm 'TheMoon' infects Linksys routers

Lucian Constantin | Feb. 17, 2014
A self-replicating program is infecting Linksys routers by exploiting an authentication bypass vulnerability in various models from the vendor's E-Series product line.

Linksys is aware of the vulnerability in some E-Series routers and is working on a fix, said Mike Duin, a spokesman for Linksys owner Belkin, in an email Friday.

Ullrich outlined several mitigation strategies in comments to his blog post. First of all, routers that are not configured for remote administration are not directly exposed to this attack. If a router needs to be administered remotely, restricting access to the administrative interface by IP address will help reduce the risk, Ullrich said. Changing the port of the interface to something other than 80 or 8080, will also prevent this particular attack, he said.

 

Previous Page  1  2 

Sign up for Computerworld eNewsletters.