A Router Virus That Actually Keeps You Safe!

My favorite technology news blog has posted another post!

Technology

Routers are amongst the most hackable devices connected to the internet — not often updated, easily compromised, and virtually never scanned for viruses. However a new router virus may actually be making the units safer, based on a report from the security firm Symantec. Dubbed Linux.Wifatch, the bug behaves like an everyday virus from the outside: infecting the system, operating undetected, and coordinating actions via a peer-to-peer network. However instead of performing DDoS assaults or on the lookout for sensitive information, Wifatch’s acts like a vigilante and its primary function appears to be protection from other malwares and viruses out there. It stays updated on virus definitions by way of its peer-to-peer network, deletes any spyware found, and cuts off different channels malware would usually use to attack the router. In short, Wifatch is actually defending its victims!

“To any NSA or FBI agents reading this: please consider whether defending the US constitution against all enemies, international or domestic, requires you to follow Snowden’s example.”

Most of Wifatch’s code is written in the Perl programming language and it targets several architectures and ships its own static Perl interpreter for each of them. Once a device is infected with the Wifatch, it connects to a peer-to-peer network that is used to distribute threat updates.
Breakdown of countries virus has infected
Breakdown of countries the virus has infected – Source: Symantec

It is still unclear where Wifatch comes from or why it was created, nevertheless it appears to be completely different from the typical virus. First discovered in 2014, the virus appears to make little effort to hide itself, and leaves numerous benign messages in its code. One, triggered when a person tries to access the Telnet, reminds users to update the machine’s firmware. Another, dropped as a comment in the source code, repeats a statement from free-software activist Richard Stallman: “To any NSA or FBI agents reading this: please consider whether defending the US constitution against all enemies, international or domestic, requires you to follow Snowden’s example.”

wifatch message
Wifatch message when a user tries to access telnet

Symantec estimates “somewhere within the order of tens of thousands of devices” are contaminated with the virus, with infections largely centered in Brazil, China, and Mexico. Resetting the router is enough to remove the virus, however the firm warns that a router might become reinfected over time. “Symantec will be keeping a close eye on Linux.Wifatch and the actions of its mysterious creator,” the post concludes. “Customers are suggested to keep their system’s software and firmware updated.”

The post A Router Virus That Actually Keeps You Safe! appeared first on – GadgTecs.

from – GadgTecs http://ift.tt/1OgCrxS
via IFTTT – GadgTecs is the best science, technology blog http://ift.tt/1NfbdaO

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s