Linux.Wifatch

from Wikipedia, the free encyclopedia

Linux.Wifatch is a computer worm that was discovered in 2014. This virus attacks routers and fixes security holes in them. It is written in Perl and uses its own Perl interpreter. It is therefore a so-called helpful worm .

The attacks seem to be carried out using weak Telnet passwords and the brute force method . Most of the affected devices are in the People's Republic of China and Brazil .

Linux.Wifatch differs from many worms: on the one hand, the source code is not obfuscated , on the other hand, the virus does not seem to have carried out any harmful activities so far. He has closed security gaps in the affected devices. He updated the affected devices via a peer-to-peer network. Linux.Wifatch deactivates the Telnet client, but leaves a message for the owners of the device:

Telnet has been closed to avoid further infection of this device. Please disable telnet, change telnet passwords, and / or update the firmware.

In the source code of Linux.Wifatch there is also a quote from Richard Stallman :

To any NSA and FBI agents reading this: please consider whether defending the US Constitution against all enemies, foreign or domestic, requires you to follow Snowden's example.

Web links

Individual evidence

  1. ^ Charlie Osborne: Internet of Things vigilante malware strikes tens of thousands of devices - to protect them. ZDNet , October 2, 2015, accessed on October 6, 2015 (English).
  2. CASE 1: ifwatch malware Part November 1st , 2014, accessed on October 6th, 2015 .
  3. ^ Rudolf Opitz: Virus or Vaccine? WiFatch attacks routers and protects against malware. Heise online , October 3, 2015, accessed on October 6, 2015 .
  4. Mario Ballano: Is there an Internet-of-Things vigilante out there? Symantec , October 1, 2015, accessed October 6, 2015 .