Malware has been found in the wild that masquerades as harmless Linux/Unix-like software for routers, but is in fact an IRC backdoor.
The malware, which poses as a .elf file, has infected machines in Latin America, security company Trend Micro said in a blog post yesterday. Trend Micro has called the exploit ELF_TSUNAMI.R., and says it can also compromise D-Link DWL-900AP+ access points.
An infected machine connects to a botnet on internet relay chat (IRC) servers, Trend Micro said. The exploit may perform brute-force attacks on router username password pairs. At the time of writing, Trend Micro was analysing how the malware spreads, and whether machines in geographical territories outside of Latin America have been compromised.
Read more of "Malware attacks Linux and Unix-like routers" at ZDNet UK.