[nsp-sec] UBNT airOS worm in the wild
Damian Menscher
damian at google.com
Sun May 15 14:19:42 EDT 2016
Starting Friday, a worm started spreading affecting UBNT airOS devices:
http://community.ubnt.com/t5/airMAX-General-Discussion/Virus-attack-URGENT-UBNT/td-p/1562940
This has likely already run its course (it spread fairly quickly in the
first hours, and appears to have reached saturation by Saturday) but I
wanted to spread the word in case ISPs are unaware. It appears this worm
is also responsible for an increase in NXDOMAIN queries hitting recursive
resolvers (which may be your best indicator of infection).
Damian
--
Damian Menscher :: Security Reliability Engineer :: Google :: AS15169
More information about the nsp-security
mailing list