Do you have a Linksys wireless router in your Home or Office? You could be in danger from new malware that attacks your routers firmware and replicates itself. Geeks.Online has learned of malware which is self-replicating, and exploits vulnerabilities in Linksys wireless routers.
The malware virus nicknamed “The Moon;” for it’s reference to the movie of the same name, looks for other vulnerable devices to spread itself from router to wireless router. It’s been confirmed that the malicious worm has already infected around 1,000 Linksys routers. We are not sure yet if this worm is dangerous. It may potentially have a feature that will report back when it infects new hosts.
Geeks.Online does not have a definitive list of wireless routers that are vulnerable. However, Linksys Wireless-N access points and the following E-Series routers may be vulnerable to this malware depending on the firmware version: E900, E1000, E1200, E1500, E1550, E2000, E2100L, E2500, E3000, E3200, and E4200.
Linksys ships each wireless router with the Remote Management Access feature turned off by default. Customers who have not enabled this feature are not susceptible to this specific malware. We recommend disabling Remote Administration on their devices, or limiting the administration right to a limited number of trusted IP addresses. Customers who have enabled the feature can prevent further vulnerability of their network from this malware by disabling it and rebooting their wireless router to remove the installed malware. Linksys will be working on a firmware fix for the affected routers in the coming weeks.