Chuck Norris

TChuck Norrishat’s right. Chuck Norris.

Chuck Norris is the name of a botnet that was recently discovered by Czech researchers. Why “Chuck Norris”. Well, it comes from a comment that was written in Italian in the botnet’s source code: “in nome di Chuck Norris,” which means “in the name of Chuck Norris.”

Okay, but WHY Check Norris? I’d guess because it’s fast, it’s dangerous, and it karate chops it’s way through routers. That’s right. Chuck Norris doesn’t go attacking people’s computers, it attacks the routers instead. It’s sort of like a previously released botnet that attacks routers called Psyb0t.

Chuck Norris is powerful, yet surprisingly not so sophisticated. It attacks MIPS-based Linux devices and takes advantage of the ones that have enabled Remote Administration and have weak passwords such as the router’s default. If the password is not guessed by using the default, Chuck Norris also has the capability to run a password guessing attack using common passwords. ┬áIt can also take advantage of known vulnerabilities in certain D-Link routers.

Once the malware has successfully infiltrated a router, it does several things. It tries to spread itself so that the botnet grows. It also changes the routers’ DNS settings so the the entire network can be controlled by the hackers running it. And of course, it launches Denial of Service attacks.