A computer worm has been discovered that can infect 55 different home-based routers and DSL/cable modems including common brands like Linksys and Netgear.
Believed to have originated in Australia and known as "psyb0t" or Bluepill, this is the first worm known to be able to infect residential routers and modems.
Psyb0t is armed with 6000 common usernames and 13,000 popular passwords that it tries in various combinations to gain entry to your home network. Most home-based routers will give you unlimited attempts to get the username and password correct, making these devices an ideal target for infection. Also, unlike your PC, your router and modem are running 24 hours a day meaning psyb0t has a relatively unlimited amount of time to try and gain access.
If that wasn’t frightening enough, psyb0t is reportedly very hard to detect and most home users will be unaware that they’re infected. Like other worms, psyb0t is designed to infect systems and then carry out commands given by its author, creating what is known as a botnet. There may not be much cause for alarm, though, as APC Magazine is reporting that the botnet capabilities for this worm are no longer active. At its height, psyb0t was suspected of controlling 80,000 tio 100,000 systems.
To disinfect or read more information on Psyb0t, go to http://www.dronebl.org/blog/8 “Network Bluepill – stealth router-based botnet has been DDoSing dronebl for the last couple of weeks”