DroneBL Blog: Network Bluepill - stealth router-based botnet has been DDoSing dronebl for the last couple of weeks
@AlohaArleen Could it be the current worm? http://is.gd/otVx [from http://twitter.com/dc0de/statuses/1373557182]
You are only vulnerable if: * Your device is a mipsel (MIPS running in little-endian mode, this is what the worm is compiled for) device. * Your device also has telnet, SSH or web-based interfaces available to the WAN, and * Your username and password combinations are weak, OR the daemons that your firmware uses are exploitable. As such, 90% of the routers and modems participating in this botnet are participating due to user-error (the user themselves or otherwise). Unfortunately, it seems that some of the people covering this botnet do not understand this point, and it is making us look like a bunch of idiots.