
A computer virus is bad enough, but one that attacks a router, which helps computers access the Internet, can cause serious damage. Many people set up their routers and then leave them alone, often forgetting to update the router’s firmware. However, congestion can force people to go into the settings and tinker with their router, the gatekeeper of one’s home Internet. On a larger scale, businesses have to secure routers because of the data they store: financial information, intellectual property and more. Routers are often used in distributed denial of service (DDoS) attacks as well, where thousands, if not millions, of PCs can be infected.

Anti-virus company Symantec has been monitoring a benign virus called Wifatch, which infects vulnerable routers and downloads router updates that make them harder to break into. The virus leaves a message on the router telling its owner to change the default passwords, which are often left unchanged by non-techies, and to update the firmware. It then attempts to disinfect compromised devices and reboots them to kill off malware. While this may seem like a good thing on paper, it also tells another story about how aware Internet users are of the security of their routers.

“Lately we’ve seen that home routers, and IoT devices in general, are becoming more interesting to cyber crooks; these devices may not hold a lot of interesting data but under the control of criminals they have proven to be quite useful, for instance, to articulate distributed denial-of-service (DDoS) attacks. As well as this, it’s difficult for the average user to detect if one of these devices has become infected and so most infections go unnoticed,” said Mario Ballano, security engineer at Symantec, in a blog post.

Ballano also suggested that Wifatch was a vigilante effort to secure the Internet of Things (a concept in which all devices are connected to the Internet), which some security experts regard as extremely vulnerable as long as there are people using the Internet for malicious and criminal activity, or even as a result of how the software was made. “Many software problems are inherent in how the software was designed and originally implemented. Attempting to make such software more reliable and secure is like putting an iron door on a straw house,” said Geoffrey James, a contributing editor at

“Such limitations become even more severe when programs must address backward compatibility to earlier versions of the software. When that’s the case, it’s not possible to start afresh, and the resulting software inherits flaws that might otherwise have been avoided,” James continued, stressing that software developers should be aware that the problem lies in how easily their code and its implementation can be exploited.

Wifatch has substantially infected devices in China, Mexico and Brazil: a third of Wifatch cases originate in China, while Mexico and Brazil house a quarter of the virus’s victims. Ballano reminds people that Wifatch, while benign in nature, still falls under the generally accepted definition of malware, as it infects a device without user consent. “Wifatch is a piece of code that infects a device without user consent and, in that regard, is the same as any other piece of malware,” he said. “It should also be pointed out that Wifatch contains a number of general-purpose back doors that can be used by the author to carry out potentially malicious actions.”
