Dan Goodin, reporting for Ars Technica (edited and condensed): Isps around the world are being attacked by self-replicating malware that can take complete control of widely used Wireless networking equipment, according to reports from customers. San Jose, California-based Ubiquiti Networks confirmed recently that attackers are actively targeting a flaw in AirOS, the Linux-based firmware that runs the wireless routers, access points, and other gear sold by the company. The vulnerability, which allows attackers to gain access to the devices over HTTP and HTTPS connections without authenticating themselves, was patched last July, but the fix wasn't widely installed. Many customers claimed they never received notification of the threat.ISPs in Argentina, Spain, Brazil have been attacked by the Worm, said Nico Waisman, a research at security firm Immunity, adding that it's likely that ISPs in the U.S. and other places have also been attacked by the same malware. From the report, "Once successful, the exploit he examined replaces the password files of an infected device and then scans the network it's on for other vulnerable gear. After a certain amount of time, the worm resets infected devices to their factory default configurations, with the exception of leaving behind a backdoor account, and then disappears."
Read more of this story at Slashdot.