Computerworld is reporting the possibility of a worm or bot in the wild that is specifically targeting D-Link branded routers. It refers to a three year old vulnerability which Symantec security researchers believe is being exploited by a new exploit. Apparently, the Symantec security response team has seen an increase in attack activity as it relates to D-Link devices.

Oliver Friedrichs, director of the Symantec security response team, is quoted as saying that it looks like hackers are "exploiting the SNMP vulnerability to reset and reconfigure the administrative password on the routers" after scanning TCP port 23 for an active SNMP service.

The report goes on to suggest that router vulnerabilities are up, and unsurprisingly so are attacks against routers as a result. Unfortunately, there is no comment from D-Link itself with regard to whether it had investigated if this vulnerability was being exploited, nor indeed if it had ever been patched.

223 Views
About the Author

A freelance technology journalist for 30 years, I have been a Contributing Editor at PC Pro (one of the best selling computer magazines in the UK) for most of them. As well as currently contributing to Forbes.com, The Times and Sunday Times via Raconteur Special Reports, SC Magazine UK, Digital Health, IT Pro and Infosecurity Magazine, I am also something of a prolific author. My last book, Being Virtual: Who You Really are Online, which was published in 2008 as part of the Science Museum TechKnow Series by John Wiley & Sons. I am also the only three times winner (2006, 2008, 2010) of the BT Information Security Journalist of the Year title, and was humbled to be presented with the ‘Enigma Award’ for a ‘lifetime contribution to information security journalism’ in 2011 despite my life being far from over...