Beneficial Router Virus
Dubbed Linux.Wifatch, the bug behaves like a regular virus from the outside: infecting the device, operating undetected, and coordinating actions through a peer-to-peer network. But instead of performing DDoS attacks or looking for sensitive data, Wifatch’s main role seems to be keeping other viruses out. It stays up to date on virus definitions through its peer-to-peer network, deletes any malware discovered, and cuts off other channels malware would typically use to attack the router. In short, Wifatch is actually protecting its victims.
It’s still unclear where Wifatch comes from or why it was created, but it seems to be very different from the average virus. First detected by a researcher in 2014, the virus seems to make little effort to conceal itself, and leaves various benign messages in its code. One, triggered when a user tries to access the Telnet feature, reminds users to update the device’s firmware. Another, dropped as a comment in the source code, repeats a statement from free-software icon Richard Stallman: “To any NSA or FBI agents reading this: please consider whether defending the US constitution against all enemies, foreign or domestic, requires you to follow Snowden’s example.”
This is the sort of thing I love to hear about. Hacking used to mean just cobbling stuff together, trying things until they worked: the current meaning, of breaking in and trying to do bad things, was called ‘cracking’ in the past, and I felt that was a better name.
This is hacking going back to the roots: taking advantage of an interesting bit of code (or, in this case, vulnerability in it) and using that to do something good.