A worm has been used to build a botnet consisting of DSL routers running Linux, which may be still evolving, according to security training organisation the Sans Institute.

After becoming infected, the network of routers was used to launch a denial-of-service attack earlier in March against DroneBL, an organisation that maintains a DNS blacklist. Sans Institute handler GN White reported the issue in a blog post on Tuesday, noting that there was a chance the bot was “still evolving”.

Readthe Rest of the Article