Routers with poor passwords at risk from Chuck Norris

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Routers with poor passwords at risk from Chuck Norris

Have you changed the password on your home router, or are you still using the default password it shipped with?

Well, a new malware attack named after a cult action movie star might make you wake up to the risk you could be running.

As ComputerWorld reports, the network security department at Masaryk University’s Institute of Computer Science in Brno have discovered a new example of malware that installs itself on routers and DSL modems by cracking admin passwords.

Sign up to our free newsletter.
Security news, advice, and tips.

Of course, the malware finds it much easier to break into your router if you’re using an easy-to-guess password or – even more recklessly – the one the device shipped with.

The Czech researchers have dubbed the threat Chuck Norris as a comment in the source code reads in Italian “in nome di Chuck Norris”, which means “in the name of Chuck Norris”.

The attack is actually a collection of various different pieces of malware, based upon an older IRC bot and combined with a tool to scan for weak passwords. Sophos detects the various components as W32/Mytob-KN, Troj/Batten-A, Exp/MS04011-A and Troj/DwnLdr-IBH.

It’s important to realise that the worm spreads via traditional means – from Windows computer to Windows computer – so it would be wrong to describe this a worm router.

Make sure that you have chosen a strong password on your router and DSL modem, that your anti-malware protection is up-to-date, and avoid allowing any of your computers to be recruited by the Chuck Norris botnet.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.