The new “psyb0t” worm infects modem/routers by getting in via unsecured ssh/telnet ports on common MIPS Linux-based models such as those by Netcomm, Netgear and Linksys. Apparently a lot of these devices are shipped unsecured… and of course, most people don’t know how to check and change that. I know I don’t.

My router has DD-WRT on it. The DD-WRT web site has an article saying they believe they are not vulnerable, unless WAN management has been enabled.

It’s probably worth checking with your router or firmware provider to see if you’re vulnerable, and/or steps to check and secure your equipment.

APCmag: New worm can infect home modem/routers

ZDNet: ‘Psyb0t’ worm infects Linksys, Netgear home routers, modems

DRONEBL: Network Bluepill – stealth router-based botnet has been DDoSing dronebl for the last couple of weeks — which clarifies the conditions under which the infection can spread.