back to article Infosec miscreants are peddling malware that will KO your router

Malware targeting embedded devices such as routers rather than computers is doing the rounds. A new and improved version of Kaiten, an Internet Relay Chat (IRC)-controlled malware typically used to carry out distributed denial-of-service (DDoS) attacks, is spreading, security firm ESET warns. KTN-Remastered or KTN-RM features …

  1. Youngone Silver badge

    What Security?

    I'm going to assume that this relies on people not changing the default logins on their ISP supplied router.

    "Surely everyone does that" I hear you say.

    Apparently not.

    1. Pookietoo

      Re: What Security?

      It sound as if it relies on people not disabling remote login. :-o

      1. Anonymous Coward
        Anonymous Coward

        @Pookietoo - Re: What Security?

        Yeap! Like some ISPs for example.

      2. Jeffrey Nonken

        Re: What Security?

        Telnet logon. I didn't see any other vector in TFA, though I admit I read it rather quickly. Do router companies really leave that on by default? I noticed the option in e.g. my last router (Asus RT-AC68R) but I don't remember having to disable it. Granted my memory is vague on that.

        Why would anybody turn that on?

  2. Anonymous Coward
    Anonymous Coward

    "nasty surprise"?

    So where's the "nasty surprise in store if you try and kill it"?

    1. Anonymous South African Coward Silver badge

      Re: "nasty surprise"?

      Also want to know what's in store for you should you try and kill it... all I can guess is that it bricks the device solid, with no chance of recovery.

    2. Jeffrey Nonken

      Re: "nasty surprise"?

      I was trying to find that myself. Didn't notice anything in the linked article.

  3. Anonymous South African Coward Silver badge

    And this kind of thing makes me wonder just how safe or secure some of the devices out there really are. Going to be interesting.

    Bonus point for said malware if it kills off vast swathes of botnets and zombies.

    1. Hargrove

      Not very would be a good guess

      @ Anonymous South African Coward

      A couple of weeks ago I posted the following on in the Forums. I found Goodman's book an interesting an interesting read on the subject.

      http://forums.theregister.co.uk/forum/1/2016/03/15/Hargrove_Anyone_for_a_Book_Discussion_Marc_Goodman_Future_Crimes/?post_received=2826108#c_2826108

      Frankly I see no way that the users of IT can defend themselves against the growing malware threat in the current operating environment. That is:

      Software suppliers who require that users accept downloads of countless thousands of lines of executable code whose only purpose is to provide economic and competitive advantage to the vendor. This is code that runs in the background, that cannot be easily removed by the average user, In many cases, unwanted functions are bundled with essential functions in such a way as to preclude their removal. The user can disable them. But again, in many cases, this only disables the user interface. The programs stay on the system, and run in the background doing God knows what. . . I as the owner of the system in question certainly do not. And the vendors do everything in their power to ensure that I as the owner/customer do not have easy access to that knowledge.

      Fundamentally, each and every one of these unwanted components is a potential vector for malware.

      Those who govern, particularly here in US have been fully complicit in creating this operating environment. The practices and policies established under the veil of the Federal Information Security Management Act has been key contributor, as have the restrictions on and impediments to use and development of effective cybersecurity technologies.

      It's been 45 years since I had the IT chops to program in machine language by poking the individual indicator light/switches on the from panel of a Navy tactical computer. But I fancy I still have a feel for the territory. I was edified to see that other commenters--who are clearly more knowledgeable on current technology than I am--had some of the same questions about this threat.

      If those who sell and govern gave a rat's ass about the security of their customers, the answers would be universally available. As it is end-users are forced to rely on crowd-sourced Communities, half of whom appear to be shills for the company, parroting back steps that don't work, the other half of whom are guessing--usually that something that didn't work for W7 might work for W10, It is to weep.

      A side note. Downloading W10 opened a Pandora's box on unanticipated complications for me. Will spare the details, but in the process, I wound up contacting customer support for my router. The tech expressed great surprise when he couldn't access the router remotely, with the default "password."

      Effective security is impossible under these conditions.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like