Menu
Home
People
Places
Arts
History
Plants & Animals
Science
Life & Culture
Technology
Reference.org
Linux.Wifatch
open-in-new
<h2 id="operation">Operation</h2> <p>Linux.Wifatch's primary mode of infection is by logging into devices using weak or default <a href="/facts/Telnet/hxT0e85h">telnet</a> credentials.<a class="footnote-ref" id="fnref:6" href="#fn:6"><sup>6</sup></a><a class="footnote-ref" id="fnref:7" href="#fn:7"><sup>7</sup></a> Once infected, Linux.Wifatch removes other malware and disables telnet access, replacing it with the message "Telnet has been closed to avoid further infection of this device. Please disable telnet, change telnet passwords, and/or update the firmware."<a class="footnote-ref" id="fnref:8" href="#fn:8"><sup>8</sup></a> </p> <h2 id="see-also">See also</h2> <ul><li><a href="/facts/Denial-of-service_attack/6nkoK02J">Denial-of-service attack</a></li> <li><a href="/facts/BASHLITE/TLnyIz56">BASHLITE</a> – another notable IoT malware</li> <li><a href="/facts/Linux.Darlloz/pPPHRn4P">Linux.Darlloz</a> – another notable IoT malware</li> <li><a href="/facts/Remaiten/ko20XCxe">Remaiten</a> – another notable IoT malware</li> <li><a href="/facts/Mirai_(malware)/zX4hvgUG">Mirai</a> – another notable IoT malware</li> <li><a href="/facts/Hajime_(malware)/6ttvTneI">Hajime (malware)</a> - malware which appears to be similar in purpose to Wifatch</li></ul> <h2 id="external-links">External links</h2> <ul><li><a href="https://gitlab.com/rav7teif/linux.wifatch/">Linux.Wifatch at GitLab</a></li></ul> <h2 id="references">References</h2> <ol> <li id="fn:1"><p>Ballano, Mario (1 Oct 2015). "Is there an Internet-of-Things vigilante out there?". Symantec. Retrieved 14 November 2016. <a href="https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=ef23b297-5cc6-4c4a-b2e7-ff41635965fe&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments" target="_blank">https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=ef23b297-5cc6-4c4a-b2e7-ff41635965fe&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments</a> <a href="#fnref:1" class="footnote-back-ref">↩</a></p></li> <li id="fn:2"><p>Das, Samburaj (October 2, 2015). "Linux.Wifatch: Vigilante Hacker Infects Routers with Malware to Fight Bad Malware". hacked.com. Retrieved 14 November 2016. <a href="https://hacked.com/linux-wifatch-vigilante-hacker-infects-routers-malware-fight-bad-malware/" target="_blank">https://hacked.com/linux-wifatch-vigilante-hacker-infects-routers-malware-fight-bad-malware/</a> <a href="#fnref:2" class="footnote-back-ref">↩</a></p></li> <li id="fn:3"><p>Kovacs, Eduard (October 7, 2015). "Developers of Mysterious Wifatch Malware Come Forward". securityweek.com. Retrieved 15 November 2016. <a href="https://www.securityweek.com/developers-mysterious-wifatch-malware-come-forward" target="_blank">https://www.securityweek.com/developers-mysterious-wifatch-malware-come-forward</a> <a href="#fnref:3" class="footnote-back-ref">↩</a></p></li> <li id="fn:4"><p>"linux.wifatch". The White Team. October 5, 2015. Retrieved 15 November 2016. <a href="https://gitlab.com/rav7teif/linux.wifatch" target="_blank">https://gitlab.com/rav7teif/linux.wifatch</a> <a href="#fnref:4" class="footnote-back-ref">↩</a></p></li> <li id="fn:5"><p>Cimpanu, Catalin (Oct 7, 2015). "Creators of the Benevolent Linux.Wifatch Malware Reveal Themselves". Softpedia. Retrieved 14 November 2016. <a href="http://news.softpedia.com/news/creators-of-the-benevolent-linux-wifatch-malware-reveal-themselves-493938.shtml" target="_blank">http://news.softpedia.com/news/creators-of-the-benevolent-linux-wifatch-malware-reveal-themselves-493938.shtml</a> <a href="#fnref:5" class="footnote-back-ref">↩</a></p></li> <li id="fn:6"><p>Ballano, Mario (1 Oct 2015). "Is there an Internet-of-Things vigilante out there?". Symantec. Retrieved 14 November 2016. <a href="https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=ef23b297-5cc6-4c4a-b2e7-ff41635965fe&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments" target="_blank">https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=ef23b297-5cc6-4c4a-b2e7-ff41635965fe&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments</a> <a href="#fnref:6" class="footnote-back-ref">↩</a></p></li> <li id="fn:7"><p>Kovacs, Eduard (October 7, 2015). "Developers of Mysterious Wifatch Malware Come Forward". securityweek.com. Retrieved 15 November 2016. <a href="https://www.securityweek.com/developers-mysterious-wifatch-malware-come-forward" target="_blank">https://www.securityweek.com/developers-mysterious-wifatch-malware-come-forward</a> <a href="#fnref:7" class="footnote-back-ref">↩</a></p></li> <li id="fn:8"><p>Ballano, Mario (1 Oct 2015). "Is there an Internet-of-Things vigilante out there?". Symantec. Retrieved 14 November 2016. <a href="https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=ef23b297-5cc6-4c4a-b2e7-ff41635965fe&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments" target="_blank">https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=ef23b297-5cc6-4c4a-b2e7-ff41635965fe&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments</a> <a href="#fnref:8" class="footnote-back-ref">↩</a></p></li> </ol>