Chuck Norris Attacks Linux-Based Routers, Modems

angry tapir writes "Discovered by Czech researchers, the Chuck Norris botnet has been spreading by taking advantage of poorly configured routers and DSL modems. The malware got the Chuck Norris moniker from a programmer's Italian comment in its source code: 'in nome di Chuck Norris,' which means 'in the name of Chuck Norris.' Chuck Norris is unusual in that it infects DSL modems and routers rather than PCs. It installs itself on routers and modems by guessing default administrative passwords and taking advantage of the fact that many devices are configured to allow remote access."

Re:As far as misleading headlines go

[FluffyWithTeeth]

I've also got to question the sense of naming a botnet like this. Sure it's memorable, but what's to stop Chuck Norris from taking legal action against the researchers who coined the name? I certainly wouldn't want my name associated with a criminal enterprise.

Re:non Linux based routers

[Anderu67]

There's no way to update the DS, as the wi-fi stack is built into each game cartridge. Chances are you wouldn't be using a DS online enough to want to lower your security though...

Not always the user's fault

[dlgeek]

There are a lot of comments here laying the blame on dumb users, and I agree that they're often at fault, but sometimes the ISPs are to blame. I once had a cable provider (Brightstar, in Seattle) that gave me a combination modem/router that only had an extremely basic admin interface available - the only thing I could change was the WPA password. However, if you SSH'd in to the router from the outside (and only from the outside), you could log in with the default administrator username and password (found through google) and reconfigure almost everything through a horribly undocumented text interface. There's almost no way for a normal user to figure this out or change it, and if they did change the password, the ISP (who almost certainly is using this interface for mass-management) would probably be pretty upset.