Daily Archives: 2020-01-21

Internet routers running Tomato are under attack by notorious crime gang

Source: Ars Technica

Article note: It's interesting/surprising how many people have the savvy to flash a custom firmware and still leave it with default credentials.
Internet routers running Tomato are under attack by notorious crime gang

Enlarge (credit: advancedtomato.com)

Internet routers running the Tomato alternative firmware are under active attack by a self-propagating exploit that searches for devices using default credentials. When credentials are found, the exploit then makes the routers part of a botnet that’s used in a host of online attacks, researchers said on Tuesday.

The Muhstik botnet came to light about two years ago when it started unleashed a string of exploits that attacked Linux servers and Internet-of-things devices. It opportunistically exploited a host of vulnerabilities, including the so-called critical Drupalgeddon2 vulnerability disclosed in early 2018 in the Drupal content management system. Muhstik has also been caught using vulnerabilities in routers that use Gigabit Passive Optical Network (GPON) or DD-WRT software. The botnet has also exploited previously patched vulnerabilities in other server applications, including the Webdav, WebLogic, Webuzo, and WordPress.

On Tuesday, researchers from Palo Alto Networks said they recently detected Muhstik targeting Internet routers running Tomato, an open-source package that serves as an alternative to firmware that ships by default with routers running Broadcom chips. The ability to work with virtual private networks and provide advanced quality of service control make Tomato popular with end users and in some cases router sellers.

Read 6 remaining paragraphs | Comments

Posted in News | Leave a comment

WordPad is gettings ads in Windows 10

Source: OSNews

Article note: The tech industry has become a parody of it's rent-seeking self.

An upcoming feature of WordPad has been discovered by enthusiasts, revealing in-app ads that promote Microsoft Office. The change is hidden in recent Insider Preview builds, and not activated for most users. WordPad is a very simple text editor, more powerful than Notepad, but still less feature rich than Microsoft Word or LibreOffice Writer. It is good for creating a simple text document without complicated formatting. The more advertisements and preinstalled junkware Microsoft shoves into Windows 10, the more the otherwise decent operating system turns into a user-hostile joke. Apple is going down the same route with iOS, and everything about it just feels disgusting and sleazy. One of the many reasons I transitioned all my machines away from Windows and to Linux.

Posted in News | Leave a comment