Vigilante Hackers Look To Improve Router Security

Security firm Symantec recently came across newly discovered malware that compromised more than 10,000 routers. But unlike most malware, the so-called Linux.Wifatch malware may actually be doing more good than harm.

While initially detected last year in China and Brazil, the malware has since been identified as eliminating other malware, blocking vulnerable entry points and warning users to update passwords and firmware on the routers which it has infected.

“For all intents and purposes, it appeared like the author was trying to secure infected devices instead of using them for malicious activities,” Symantec researcher Mario Ballano said in a blog post late last week.

“Despite the previously listed actions, it should be made clear that Linux.Wifatch is a piece of code that infects a device without user consent and in that regard is the same as any other piece of malware.”

Ballano pointed out that despite its “vigilante” nature, Wifatch still contains a number of ways for a threat author to carry out potentially malicious acts without the user’s knowledge.

But now it seems a group of “do-gooder” hackers has stepped up and taken responsibility for the malware, Forbes reported Tuesday (Oct. 6).

The group calls itself The White Team, and it told Forbes that more may be in store for fixing vulnerable machines, like routers, going forward.

When asked why the Wifatch software was created, the group responded via GitLab, explaining: “First, for learning. Second, for understanding. Third, for fun, and fourth, for your (and our) security. Apart from the learning experience, this is a truly altruistic project, and no malicious actions are planned.”

“The amount of saved bandwidth by taking down other scanning malware, the amount [of] energy saved by killing illegal bitcoin miners, the number of reboots and service interruptions prevented by not overheating these devices, the number of credentials and money not stolen should all outweigh this. We co-opted your devices to help the general public (in a small way),” they continued.

The individual or individuals behind The White Team confirmed with Forbes that other kinds of software may be created to fix systems through exploitation, noting there are still “technical problems to be overcome.”

For now, The White Team expressed a concern about being tracked and losing anonymity while continuing to pursue the creation of vigilante-type software in their free time.

“It is my hope that nobody with the intent of prosecuting me is trying to track me. It might be illegal to access these devices, but if no harm is done, the punishment should be small. Better be safe than sorry, though,” The White Team said.
