Security Protection – Harry Waldron MVP Rotating Header Image

Malware – Linksys Moon worm update MAR2014

The ISC shares update on Linksys Moon worm

https://isc.sans.edu/forums/diary/A+few+updates+on+The+Moon+worm/17855

QUOTE: It has been over a month since we saw the “Moon” worm first exploiting various Linksys routers. I think it is time for a quick update to summarize some of the things we learned since then. Infected systems will run an additional https server on a random port. The communication we observed in earlier posts is just https, using a self signed certificate. The server also provides statistics pages with summaries listing infected systems

Comments are closed.