Vigilante-style Hacker," who hacks every possible system to make them more Secure? Has anyone ever heard about a "," who hacks every possible system to make them more Secure?





No. It's not funny, neither a movie story:





Reportedly, someone is hacking thousands unprotected Wi-Fi routers everywhere and apparently forcing owners to make them more Secure.





Linux.Wifatch" a.k.a "Ifwatch," infected more than 10,000 vulnerable ' Security firm Symantec has discovered a new malware, dubbed "" a.k.a "," infected more than 10,000 vulnerable ' Internet of Things ' devices, and spreading quickly.

However, Linux.Wifatch not only removes malicious backdoor but also encourages users to update their weak passwords.





How Does Linux.Wifatch Work?





Once a device is infected, the Linux.Wifatch malware connects to a peer-to-peer network that is being used to distribute threat updates.





Linux.Wifatch's code does not deploy any payload for malicious activities, such as to carry out DDoS attacks, rather it detects and remediates the known families of malicious codes present on the compromised devices.





Linux.Wifatch' detects any malicious activity or After Installation, whenever '' detects any malicious activity or malware on the vulnerable device; it asks the device owners to:

Change their default password,

Close potentially vulnerable Telnet port immediately

However, the malware does not appear to be used for malicious purposes yet, but researchers have found that the malware contains a number of backdoors that can be used by its developer to carry out malicious tasks remotely.





Perl programming language, was first discovered in November last year by an independent malware researcher, who calls himself " Linux.Wifatch, written in the, was first discovered in November last year by an independent malware researcher, who calls himself " Loot Myself ."





The researcher shared complete details of the malware in a two-part series on his blog with the same name - "Loot Myself: Malware Analysis and Botnet tracking."





In 2014, the researcher sensed unwanted activities in his home router and for which he could not find the location as well.





This curiosity made him explore more, and while digging deeper he decoded the roots of the malware- THE SOURCE CODE, written in Perl.





After going through the source code, the researcher points out that the code is not obfuscated; it just uses compression and minification of the source code.





Further, the researcher mentions about an unusual activity:

"To any NSA and FBI agents reading this: please consider whether defending the U.S. Constitution against all enemies, foreign or domestic, requires you to follow Snowden's example." he says in the blog post.





How to Secure Your Wireless Router?



Though the risk associated with Linux.Wifatch is low, the security researchers at Symantec are keeping an eye on its activities.

They say with such a "Malware-for-Good," it apparently creates a 'Benefit of the Doubt' as the author's intentions are unknown.



The case hasn't closed yet, as Symantec says, "It pays to be suspicious."

Essential Security Measures



Symantec had previously issued measures to get rid of this Malware. Here below you can read a few important recommendation in short:

Use a Firewall to block all incoming connections

Enforce a password policy

Make sure to offer the lowest level of privileges to programs

Disable AutoPlay

Turn off file sharing if not needed





How to Remove 'Linux.Wifatch' Malware?





If you have also detected such activity on your home routers, you can get rid of the risk associated with it by:

Resetting your device; as it will remove the Linux.Wifatch malware

Keeping your device's software and firmware up to date

Changing any default passwords that may be in use

Resetting your passwords routinely





More Ways to Protect your Network





Further, you can protect your Wireless network by following few measures, that assure your security, like: