Wifatch good router virus?

Hi Community! 
Do you believe in viruses that help people? No? This might be one.

http://www.theverge.com/2015/10/1/9434521/router-virus-fights-off-malware-security

 

 

 

Routers are among the most hackable devices out there — rarely updated, easily compromised, and almost never scanned for viruses. But a new router virus might actually be making the devices safer, according to a report from the security firm Symantec. Dubbed Linux.Wifatch, the bug behaves like a regular virus from the outside: infecting the device, operating undetected, and coordinating actions through a peer-to-peer network. But instead of performing DDoS attacks or looking for sensitive data, Wifatch's main role seems to be keeping other viruses out. It stays up to date on virus definitions through its peer-to-peer network, deletes any malware discovered, and cuts off other channels malware would typically use to attack the router. In short, Wifatch is actually protecting its victims.

It's still unclear where Wifatch comes from or why it was created, but it seems to be very different from the average virus. First detected by a researcher in 2014, the virus seems to make little effort to conceal itself, and leaves various benign messages in its code. One, triggered when a user tries to access the Telnet feature, reminds users to update the device's firmware. Another, dropped as a comment in the source code, repeats a statement from free-software icon Richard Stallman: "To any NSA or FBI agents reading this: please consider whether defending the US constitution against all enemies, foreign or domestic, requires you to follow Snowden's example."
 

 

Symantec estimates "somewhere in the order of tens of thousands of devices" are infected with the virus, with infections largely focused on Brazil, China, and Mexico. Resetting a device is enough to remove the infection, but the firm warns that a router may become reinfected over time. "Symantec will be keeping a close eye on Linux.Wifatch and the activities of its mysterious creator," the post concludes. "Users are advised to keep their device’s software and firmware up to date."
 

Really cool thing imo. Didn't see any post about it, but if there is one feel free to report my topic.
To be honest I don't believe this virus will harm anyone anytime soon, because it's been known since 2014 and nothing has happened yet.

MfG Legion4-9-5

9 of 10 voices in my mind say I'm crazy. The tenth hums the melody of Tetris.

 

Link to comment

that must have been an interesting find:

 

"errr ... we found a new virus, it's infecting routers"

"What does it do?"

"... it keeps other viruses out."

"0_o"

 

I can understand why Symantec wants to keep an eye on this though. What if the creator uses this to specifically let THEIR viruses (or other malicious software) in by having this virus give it the OK, or even disguise it?

 

Additionally, this means this virus is in the public domain, where more malicious folk may find how to crack it, or use its own router penetration technique to put their own viruses into routers.

Aftermarket 980Ti >= Fury X >= Reference 980Ti > Fury > 980 > 390X > 390 >= 970 380X > 380 >= 960 > 950 >= 370 > 750Ti = 360

"The Orange Box" || CPU: i5 4690k || RAM: Kingston Hyper X Fury 16GB || Case: Aerocool DS200 (Orange) || Cooler: Cryorig R1 Ultimate || Storage: Kingston SSDNow V300 240GB + WD Black 1TB || PSU: Corsair RM750 || Mobo: ASUS Z97-A || GPU: EVGA GTX 970 FTW+

"Unnamed Form Factor Switch" || CPU: i7 6700K || RAM: Kingston HyperX Fury 16GB || Case: Phanteks Enthoo Evolv Mini ITX (White) || Cooler: Cryorig R1 Ultimate (Green Cover) || Storage: Samsung 850 Evo 1TB || PSU: XFX XTR 550W || Mobo: ASUS Z170I Pro Gaming || GPU: EVGA GTX 970 FTW+

Link to comment

A router should be just a router. Don't add server functionality to it and you will be fine

+ disable ssh upnp etc

 

the pfsense mantra

If your grave doesn't say "rest in peace" on it You are automatically drafted into the skeleton war.

Link to comment

It's not really a virus then, it's more a forceful firewall.

cpu: intel i5 4670k @ 4.5ghz Ram: G skill ares 2x4gb 2166mhz cl10 Gpu: GTX 680 liquid cooled cpu cooler: Raijintek ereboss Mobo: gigabyte z87x ud5h psu: cm gx650 bronze Case: Zalman Z9 plus


Listen if you care.

Cpu: intel i7 4770k @ 4.2ghz Ram: G skill  ripjaws 2x4gb Gpu: nvidia gtx 970 cpu cooler: akasa venom voodoo Mobo: G1.Sniper Z6 Psu: XFX proseries 650w Case: Zalman H1

Link to comment

This is actually a really great idea. Like...someone picking up trash on the side of a highway. Technically not legal, but still for the better good.

Link to comment

So we will start the virus off nice and harmless... Once we infect the entire world we will unleash its bad side and chaos will reign throughout the world!!!

Bwhahahaha

^ my impression of the person who made this lol

"If a Lobster is a fish because it moves by jumping, then a kangaroo is a bird" - Admiral Paulo de Castro Moreira da Silva

"There is nothing more difficult than fixing something that isn't all the way broken yet." - Author Unknown

Intel Core i7-3960X @ 4.6 GHz - Asus P9X79WS/IPMI - 12GB DDR3-1600 quad-channel - EVGA GTX 1080ti SC - Fractal Design Define R5 - 500GB Crucial MX200 - NH-D15 - Logitech G710+ - Mionix Naos 7000 - Sennheiser PC350 w/Topping VX-1

Link to comment

Oh wow, this totally made my day and reminded me of this

post-75028-0-65822900-1443879218.jpg

Link to comment

A router should be just a router. Don't add server functionality to it and you will be fine

+ disable ssh upnp etc

 

the pfsense mantra

Only issue with disabling UPnP is that it's used by a lot of devices for port forwarding. Like games consoles, disabling it can cause closed NAT type etc.

System Specs:

CPU: Ryzen 7 5800X

GPU: Radeon RX 7900 XT 

RAM: 32GB 3600MHz

HDD: 1TB Sabrent NVMe -  WD 1TB Black - WD 2TB Green -  WD 4TB Blue

MB: Gigabyte  B550 Gaming X- RGB Disabled

PSU: Corsair RM850x 80 Plus Gold

Case: BeQuiet! Silent Base 801 Black

Cooler: Noctua NH-DH15

 

 

 

Link to comment

I've always said someone should create a virus that hunts other viruses.

Ketchup is better than mustard.

GUI is better than Command Line Interface.

Dubs are better than subs

Link to comment

I've always said someone should create a virus that hunts other viruses.

Someone needs to do that, create a virus that detects and automatically gets rid of unauthorized software, and clears the registry every few weeks.

Link to comment

Someone needs to do that, create a virus that detects and automatically gets rid of unauthorized software, and clears the registry every few weeks.

Too bad it can't be engineered to hunt down the ass-hats that make viruses and destroy their computers

Ketchup is better than mustard.

GUI is better than Command Line Interface.

Dubs are better than subs

Link to comment

Too bad it can't be engineered to hunt down the ass-hats that make viruses and destroy their computers

If it detects a virus that's been installed on the computer, have it look up where the virus came from, and then send a signal to a botnet somewhere which will then DDoS the website that made the virus.

 

Kind of like an automatic 4chan.

Link to comment

Well this is... interesting. A virus that benefits the end user.

Link to comment