Chucknorris - new Dlink (and other) botnet attack.

✨ Quic broadband | Apple TV | Samsung | AliExpress | Wise | Sharesies

Welcome Guest.

You haven't logged in yet. If you don't have an account you can register now.

Forums › New Zealand Broadband › Chucknorris - new Dlink (and other) botnet attack.

adslgeek

50 posts

Geek

#57720 22-Feb-2010 21:34

Send private message

Hi there,

I had heard that GZ had mentioned the new Chuck Norris worm / attack was being discussed in the forum, but I can't seem to see any mention of it..

As I have previously warned, if you have a Dlink modem, now might be an even better time to upgrade the firmware, as there is a new Worm doing the rounds.

The Chuck Norris worm attacks a few different devices, including (among others) the vulnerable Dlink routers

http://www.darkreading.com/security/attacks/showArticle.jhtml?articleID=223000208

• My first recommendation is to log into your router, and change the default password.
• But mainly check that you have installed the most recent version of firmware.

This does not JUST impact the following routers, but these are known to be vulnerable..

The following routers are reportedly affected:
* DSL-502T
* DSL-504T
* DSL-562T
* DSL-G604T

The security issue has been reported in the following firmware versions:
* V1.00B01T16.EN.20040211
* V1.00B01T16.EU.20040217
* V0.00B01T04.UK.20040220
* V1.00B01T16.EN.20040226
* V1.00B02T02.EU.20040610
* V1.00B02T02.UK.20040618
* V1.00B02T02.EU.20040729
* V1.00B02T02.DE.20040813
* V1.00B02T02.RU.20041014

I will also keep updating details as I discover them here www.adslgeek.com/dslforum

Cheers,
ADSLgeek

<strong>ADSL </strong>Geek<br /><a href="http://www.adslgeek.com">http://www.adslgeek.com</a>

KraserK

41 posts

Geek

#301304 23-Feb-2010 02:56

Send private message

how does this affect routers? how does the virus get into the router :|

freitasm

BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41025

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#301323 23-Feb-2010 07:52

Send private message

Basically some people don't change the default passwords and the remote administration access options, so this trojan simply login to the router and installs itself using a known vulnerability. Once installed the trojan redirects requests to sites with automatic malware downloads.

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

News and reviews »

New ECOVACS DEEBOT T80S OMNI Available Now
Posted 9-Apr-2026 11:11

Ring Brings 4K Video to Battery-Powered Doorbells
Posted 9-Apr-2026 11:01

Synology Announces a New Privacy-First Home Monitoring Experience for BeeStation Plus
Posted 9-Apr-2026 10:02

GIGABYTE X870E AERO X3D DARK WOOD Redefines the Motherboard
Posted 7-Apr-2026 14:06

Datacom Acquires Auckland Data Centre from T4
Posted 2-Apr-2026 09:43

Spark Launches Satellite Service with SMS and data options
Posted 2-Apr-2026 09:16

Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Support Geekzone »

You can support Geekzone with a one-off or recurring donation via PressPatron.

RSS feeds: Main feed; Forums feed
Copyright: ©2002-2026 Geekzone®

Site features: Geekzone BI dashboard; Geekzone Badges; Geekzone Status Page

Site Information: Subscribe to Geekzone; Privacy Statement; Forum Usage Guidelines (FUG); Advertising; Trademark and copyright