Interesting, it can even eradicate existing Malware
I remember this use to happen during the "virus era"
Good news is it exploits the lazy users meaning, poor configuration / weak credentials.
From the Article:
Moose worm does not rely upon amy underlying vulnerability in the routers – it is simply taking advantage of devices that have been weakly configured with poorly chosen login credentials.
The principal victims are likely to be routers – with devices from Actiontec, Hik Vision, Netgear, Synology, TP-Link, ZyXEL, and Zhone already identified as vulnerable
ESET’s team observed the worm creating bogus accounts on sites such as Instagram, and automatically following users. In many cases the rise in followers was carefully staggered over some days, seemingly to avoid raising alarms in automated systems built by the social networks to identify suspicious behaviour.
As well as social networking fraud, ESET’s paper considers that the malware could potentially be used for other activities – such as distributed denial-of-service attacks, targeted network exploration (where it works hard to dig deep past firewalls) and eavesdropping and DNS hijacking (which could lead itself to phishing and further malware attacks).
More here
No comments:
Post a Comment