Owners of Linksys routers are being on notice: A new piece of malware called “The Moon” is targeting and infecting Linksys router firmware to help it spread.
Last week, the Internet Storm Center (ISC) first reported that a worm named The Moon was targeting and spreading through vulnerabilities present in Linksys routers. In the days since, security researchers have been analyzing the malware and working on a fix.
According to the ISC, potentially vulnerable router models include: the Linksys E4200, E3200, E3000, E2500, E2100L, E2000, E1550, E1500, E1200, E1000 and E900. This list may not be complete.
Belkin, the company that owns Linksys, has released a statement about the worm.
“Linksys is aware of the malware called ‘The Moon’ that has affected select older Linksys E-Series routers and select older Wireless-N access points and routers. The exploit to bypass the admin authentication used by the worm only works when the Remote Management Access feature is enabled. Linksys ships these products with the Remote Management Access feature turned off by default.”
How can you protect yourself against the security threat? Linksys says a firmware fix for its routers will be available on its website “in the coming weeks.” In the meantime, it appears that disabling your Linksys router’s Remote Management Access feature thwarts the worm. The company explains how you can do this on its Knowledge Base website.
For more information on protecting yourself against malware and other online trouble in general, you might want to look into these 6 ways to protect yourself from online threats.