Worm infects unpatched Ubiquiti wireless devices
Routers and other wireless devices made by Ubiquiti Networks have recently been infected by a worm that exploits a year-old remote unauthorized access vulnerability.
The attack highlights one of the major issues with router security: the fact that the vast majority of them do not have an auto update mechanism and that their owners hardly ever update them manually.
The worm creates a backdoor administrator account on vulnerable devices and then uses them to scan for and infect other devices on the same and other networks.
“This is an HTTP/HTTPS exploit that doesn’t require authentication,” Ubiquiti said in an advisory. “Simply having a radio on outdated firmware and having its http/https interface exposed to the Internet is enough to get infected.”