WiFi flu
As if we don’t already have enough “regular” viruses to worry about, a research team from Indiana University suggests that a specially designed computer virus made to attack and propagate on unsecured WiFi routers could easily infect entire cities.
While the risk is apparently only theoretical at the moment, the potential for trouble is a function of the rapid uptake in wireless technology; there are enough open routers about nowadays that the theoretical bug could hop all across town unimpeded. [Image by kludgebox]
People tend to forget that routers are just little computers, but you can bet the malware industry is well aware of it. That said, I can’t really see the commercial potential of such a virus* - and if it can’t be used to make money, surely it would be a four-week proof-of-concept fad for script kiddies at worst?
[* The inevitable disclaimer here is that I'm not a computer security expert by any stretch of the imagination - if you can explain in more detail, please do so in the comments.]
January 4th, 2008 at 5:17 am
Lots of commercial potential. If they control your router, they control your access to the Internet.
They can easily use that to take control of your computer as well, by altering a web request to return something that exploits a Windows security vulnerability, or by modifying an executable program you were downloading anyway.
That done your router and all your computers become part of something like the storm botnet (http://en.wikipedia.org/wiki/Storm_botnet). Whence all sorts of revenue opportunities - from stock pump and dump spamming schemes, through to military-funded denial of service attacks against enemy countries.
It’s scary.
January 4th, 2008 at 9:44 am
Or they could turn your router into a mail server and use it to send to spam.
Or they could reroute legitimate requests to your bank to a phishing site instead. Since this attack corrupts the network, you and your browser, with all its anitphishing tools, would be completely unaware.
Scary indeed.