Discovered by Czech researchers, the Chuck Norris botnet has been spreading by taking advantage of poorly configured routers and DSL modems. The malware got the Chuck Norris moniker from a programmer’s Italian comment in its source code: ‘in nome di Chuck Norris’, which means ‘in the name of Chuck Norris’. Chuck Norris is unusual in that it infects DSL modems and routers rather than PCs. It installs itself on routers and modems by guessing default administrative passwords and taking advantage of the fact that many devices are configured to allow remote access. They’re behind the times, though. It should’ve been the Epic Beard Man Botnet. Move over, Chuck.
At this point, I should drop everything and run to my modem to see if it is infected. Instead, I am searching the tubes for new “Chuck Norris facts” jokes…
http://en.wikipedia.org/wiki/Chuck_Norris_facts
Edited 2010-02-22 10:26 UTC
This man crushes Chuck Norris botnets with his eyebrows:
http://www.schneierfacts.com/
What about cable modems/router combos, seeing as how they mention routers & DSL modems?
The company I work for just had the router for one of its smaller subnets infected with that worm. I removed the router, set up a new Cisco and plugged it into the network. Fortunately, the worm had not spread to any other places on the network; we are still looking into it.
[Just for info: that infection took place in a rural area in the US, state: Maine.]
Question, how difficult would it be for these manufacturers to require in the setup or initial loading of the administrative page for a password to be set? In the article it says that this can be mitigated by using a strong password. How about just ANY freaking password other than default? Problem here is these are devices marketed to consumers with very little knowledge or technical skills, so I don’t think it is out of the ordinary or asking too much for these device makers to simply require a password to be set.
I've seen what happens when you do that for the general consumer market.
5% will change it to a good strong password and keep it in their head or a secured place.
10% will change it to the easiest password they can remember (usually their own name, the dog or cat). Very rarely is this a strong password in any sense.
25% will stick a post-it note with the password to the machine (50% of these will lose the post-it note within a year or the next move).
33% will suffer brain lock and claim they can’t read/understand that tech talk. And they will keep on claiming this if they call tech support.
And most of the rest will either pack up and return the item or wait till their eight (8) year old comes home, who will in turn read the manual/screen instructions. However, 8-year-olds don’t understand security, so they don’t pick strong passwords either.
I just removed the password on all my home equipment. Typing passwords is just a waste of time.
As long as your system doesn’t allow remote logins without a password, you may actually be safer than with a password.
You should still think about the implications if your devices are stolen, though. The most stupid two-character password is well beyond what any burglar will be able to break. He will format the drive and be done. Without a password he just needs to be able to use a computer at all to recover personal information, possibly including on-line banking login data.
Passwords don’t really matter with physical access.
Quick, someone create a Bruce Lee anti-malware solution.
No change Chuck Norris once hit router and whole Internetz went down.
Can this worm infect DSL modems in bridged mode?