New Linux worm infested, the router be careful with-Linux worm, worm, Linux.Darlloz-IT information New Linux worm infested, the router be careful

Kaoru Hayashi Symantec researchers recently found a Linux worm that can quickly infect home routers, set-top boxes, security cameras, and other Internet-connected household appliances.

This worm named Linux.Darlloz has been classified as a low security risk, because the current version only to the x86 platform devices. But after some modifications resulting from mutations of the virus has been able to threaten the device that uses the ARM chip as well as the PPC,MIPS,MIPSEL schema. Weaknesses of this worm may use equipment, randomly generated IP addresses, frequently used ID and password to enter the machine through a specific path and send a HTTP POST request. If the destination has not yet patched, it will continue to download the worm from a malicious server and look for the next target.

Although Linux.Darlloz did not cause great harm in the world, but it has also exposed a gap in most current networking equipment. Most of them are run on the open source Linux or some other outdated systems. These devices a lightweight hardware cannot handle requests for updated versions of the code that cannot be upgraded. Darlloz is a 18 months ago there was a patch of the PHP scripting language loophole.

新型Linux蠕虫病毒出没，路由器要小心了 - Linux蠕虫病毒,蠕虫病毒,Linux.Darlloz - IT资讯
新型Linux蠕虫病毒出没，路由器要小心了

Symantec的研究员Kaoru Hayashi最近发现了一种Linux蠕虫病毒，能够迅速感染家用路由器，机顶盒，安全摄像头以及其它一些能够联网的家用设备。

这种名叫Linux.Darlloz的蠕虫病毒已被归类为低安全风险，因为当前的版本只能感染x86平台设备。但是这种病毒在经过一些修改之后产生的变种已经能够威胁到使用ARM芯片以及PPC，MIPS，MIPSEL架构的设备。这种蠕虫病毒会利用设备的弱点，随机产生一个IP地址，通过常用的ID以及密码进入机器的一个特定路径，并发送HTTP POST请求。如果目标没有打补丁，它就会从恶意服务器继续下载蠕虫，同时寻找下一个目标。

虽然Linux.Darlloz还没有在世界范围内造成巨大的危害，但却也暴露出目前大多数联网设备的一大缺陷。它们大多都是在Linux或者其它一些过时的开源系统上运行的。而这些设备的轻量级硬件无法处理更新版本的代码请求而无法升级。Darlloz利用的就是一个18个月以前就有了补丁的PHP脚本语言漏洞。