Did a quick search here, nothing, so thought I'd pass this along:
Linux embedded devices being used in botnet (from dslreports)
And change those damn passwords!
No remote admin folks!
The below two URLs don't really explain *how* they gained access to said DD-WRT/OpenWRT/Tomato boxes, but based on what I can figure out, it's this:
If you have SSH or telnet open to the world (e.g. WAN-side), and have a fairly insecure password (such as the default password of "admin" in Tomato), brute-force SSH/telnet attempts will eventually succeed.
Those who don't permit incoming SSH/telnet to the router via WAN, or allow SSH but disallow passwords (instead requiring keys) should be fine.
OpenWRT apparently leaves telnet open until you've set a root password.
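Added example (not part of the original post): a small Python check for the pattern described above, where many failed password attempts from one address are followed by a successful login. The log lines are constructed in the style of dropbear's syslog messages, and the function name, threshold and IPv4-only matching are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample lines in the style of dropbear syslog output (not from the page).
SAMPLE_LOG = """\
Jan 10 03:12:01 router authpriv.warn dropbear[2101]: Bad password attempt for 'root' from 203.0.113.7:40112
Jan 10 03:12:03 router authpriv.warn dropbear[2102]: Bad password attempt for 'admin' from 203.0.113.7:40118
Jan 10 03:12:05 router authpriv.warn dropbear[2103]: Bad password attempt for 'root' from 203.0.113.7:40125
Jan 10 03:12:08 router authpriv.warn dropbear[2104]: Bad password attempt for 'root' from 203.0.113.7:40131
Jan 10 03:12:11 router authpriv.notice dropbear[2105]: Password auth succeeded for 'root' from 203.0.113.7:40140
Jan 10 08:30:00 router authpriv.warn dropbear[2200]: Bad password attempt for 'root' from 198.51.100.20:51000
Jan 10 08:30:09 router authpriv.notice dropbear[2201]: Password auth succeeded for 'root' from 198.51.100.20:51004
Jan 10 09:00:00 router authpriv.notice dropbear[2300]: Password auth succeeded for 'root' from 192.168.1.10:60222
"""

# Matches the two event kinds we care about and captures user and source IPv4 address.
EVENT = re.compile(
    r"(?P<kind>Bad password attempt|Password auth succeeded) for '(?P<user>[^']*)' "
    r"from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}):\d+"
)

def find_bruteforce(log_text, threshold=3):
    """Return {ip: {"failures": n, "guessed": [users]}} for every source with
    at least `threshold` failed attempts. "guessed" lists accounts that logged
    in successfully from that source after the threshold was reached."""
    failures = defaultdict(int)
    guessed = defaultdict(list)
    for line in log_text.splitlines():
        m = EVENT.search(line)
        if not m:
            continue
        ip = m["ip"]
        if m["kind"] == "Bad password attempt":
            failures[ip] += 1
        elif failures[ip] >= threshold:
            # Success right after a run of failures: the password was likely guessed.
            guessed[ip].append(m["user"])
    return {ip: {"failures": n, "guessed": guessed[ip]}
            for ip, n in failures.items() if n >= threshold}

if __name__ == "__main__":
    for ip, info in find_bruteforce(SAMPLE_LOG).items():
        state = "LOGIN SUCCEEDED for %s" % info["guessed"] if info["guessed"] else "no success seen"
        print("%s: %d failed attempts, %s" % (ip, info["failures"], state))
```

A source that shows up with a non-empty "guessed" list is the case to act on first: change the password, then close WAN-side SSH/telnet or switch to key-only logins.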