Fear malware that infects routers and mass-produces bots that will make a dramatic leap on SNS will be discovered

ByLoKan Sardari

"Development and sales of security software"ESET"According to the research results released by researchers, the latest infected with malware on the SNS by infecting routersworm(Malware having the property of duplicating itself and diffusing it to other systems). The problematic worm is "MooseIt is what is called what is this kind of security related information site operated by ESET "We Live SecurityIt is revealed.

Moose - the router worm with an appetite for social networks
http://www.welivesecurity.com/2015/05/26/moose-router-worm/


ESET researchers Olivier Bilodou and Mr. Thomas Dupai said: "We infected routers and took over the internet connection path and created accounts on SNS, and the number of likes and the number of movie views We will discover a new kind of worm called "Increase the number of accounts and follow up specific accounts".

This is malware infecting Linux based routers and terminals, and it is called "Moose". Moose is capable of deleting conflicting malware when the target router is already infected with some malware and being infectiously uninfectible, and automatically searches other infectible routers It is a terrible thing to be able to do. In addition, when Moose infects routers or some digital terminals, it does not use the vulnerability of the terminal, but it seems to infect by simply breaking through the login authentication information.


Because the router becomes the source of infection, this Moose may cause accidental collateral damage to terminals other than routers. ESET's research team said "HospiraEven medical equipments in Hawaii may be infected with Moose. "The extent of its infection route is a threat.

However, it is the router that is the main target of Moose to the last, especially,Actiontec·HIKVISION·NETGEAR·Synology·TP-LINK·ZyXEL·ZhoneManufacturer's routers like vulnerabilities have already been confirmed and it is necessary to pay attention.

ByChiliem Le

ESET's research team, which was investigating Moose, says, "The worm automatically accessed the SNSS like Instagram to create an account and began to follow other users." And, in many cases, the SNS side keeps on following at a speed that does not judge as "suspicious behavior", and it seems that it continues to increase the number of "nice" and the number of times the movie is played.

Some SNS users and corporate accounts use specialized services to increase followers on Twitter and Instagram, or to increase "likes" on Facebook. It is not certain how such a service is increasing the number of followers and "likes", but unknowingly I borrowed the power of malware like Moose to illegally inflate the numbers on SNS We Live Security describes that there is no mystery even if it is.


In addition, the researchers analyze that moose may be used besides such misconduct on SNS. For example,DDoS attackMoose can also be used for searching for a target network and hijacking DNS.

BySimo Tata

As a method to avoid Moose, it is mentioned that the latest security patch is applied to the router, and that the password of the terminal connected to the Internet not to use the default or easily decodable one.