Security researchers are warning of a new virus that attacks MIPS-based routers and their embedded Linux operating system, inserting its code by means of a brute-force attack.
This nasty virus attacks MIPS-based routers and their embedded Linux OS. As most users do not bother to go in and check things like remote management, UPnP [Universal Plug and Play] and SSH [Secure Shell] access after the initial setup, it's not surprising to see this new vector of attack on a previously untapped security hole. At the time of writing, the psyb0t code base cannot affect x86-based systems; it only affects MIPS running in little-endian mode, which is unfortunately around 90% of the current consumer DSL modem and home router market.
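To check whether a given device falls into the affected class, you can read the ELF header of any binary pulled from its firmware (for example its `busybox`). The following is an added example, not code from DroneBL or from the original article; the function names and the sample headers are constructed for illustration.

```python
import struct
import sys

EM_386, EM_MIPS = 3, 8             # e_machine values from the ELF specification
ELFDATA2LSB, ELFDATA2MSB = 1, 2    # EI_DATA byte-order codes

def elf_arch(header: bytes):
    """Return (e_machine, byte_order) for an ELF header, or None if not valid ELF."""
    if len(header) < 20 or header[:4] != b"\x7fELF":
        return None
    ei_data = header[5]
    if ei_data == ELFDATA2LSB:
        order, fmt = "little", "<H"
    elif ei_data == ELFDATA2MSB:
        order, fmt = "big", ">H"
    else:
        return None                # unknown byte-order code
    # e_machine sits at offset 18 and is stored in the file's own byte order,
    # so it must be decoded with the order announced by EI_DATA.
    (machine,) = struct.unpack_from(fmt, header, 18)
    return machine, order

def is_mips_little_endian(header: bytes) -> bool:
    """True for the architecture the article describes as affected."""
    return elf_arch(header) == (EM_MIPS, "little")

def make_header(ei_data: int, machine: int) -> bytes:
    """Build a minimal 20-byte ELF header (constructed sample data)."""
    ident = b"\x7fELF" + bytes([1, ei_data, 1]) + bytes(9)   # 16-byte e_ident
    fmt = "<HH" if ei_data == ELFDATA2LSB else ">HH"
    return ident + struct.pack(fmt, 2, machine)              # e_type, e_machine

# Constructed samples: a mipsel router binary, a big-endian MIPS one, an x86 one.
SAMPLES = {
    "mipsel": make_header(ELFDATA2LSB, EM_MIPS),
    "mips-be": make_header(ELFDATA2MSB, EM_MIPS),
    "x86": make_header(ELFDATA2LSB, EM_386),
}

if __name__ == "__main__":
    if len(sys.argv) > 1:          # check a real file extracted from firmware
        with open(sys.argv[1], "rb") as fh:
            print(sys.argv[1], is_mips_little_endian(fh.read(20)))
    else:
        for name, hdr in SAMPLES.items():
            print(name, elf_arch(hdr), is_mips_little_endian(hdr))
```
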
The attack was discovered by DroneBL. The virus appears to serve several purposes: deep packet inspection [looking for usernames and passwords], searching for exploitable MySQL and MSSQL systems, and establishing a botnet for DDoS attacks. In fact, DroneBL has been subjected to a flood of HTTP requests as part of a DDoS attack. It was this attack that allowed them to identify the source and find this new virus.