Believed to have originated in Australia and known as “psyb0t” or Bluepill, this is the first worm known to be able to infect residential routers and modems.
Psyb0t is armed with 6000 common usernames and 13,000 popular passwords that it tries in various combinations to gain entry to your home network. Most home-based routers will give you unlimited attempts to get the username and password correct, making these devices an ideal target for infection. Also, unlike your PC, your router and modem are running 24 hours a day meaning psyb0t has a relatively unlimited amount of time to try and gain access.
The DroneBl blog — a real-time tracker that looks for botnets — says the threat psyb0t poses or could have posed is overstated. DroneBL believes this is not an “end of the world, all routers are vulnerable” thing. But the appearance of psyb0t is troubling because it is so hard to detect and could be used to steal “personally identifying information,” the blog adds.
While the threat posed by psyb0t may not be high, it is still extremely important to take precautionary measures against this kind of attack. The best way to protect yourself is to make sure you are not using the default password and username that came with your equipment. Consult the materials that came with your device or the manufacturer’s website for instructions on how to change your username and password. If you’re worried you have been infected, a simple factory reset of your device will kill the worm.