A security researcher has developed maliciousrootkit softwarefor all Cisco
routers.
Sebastian Muniz, a researcher with penetration testing firm Core
Security Technologies, has developed the software, and will
demonstrate it at next week's EuSecWest security conference in
London.
Rootkits are malware that can hide themselves in systems while
they allow remote hackers to use them to gain access.
Muniz has developed rootkit software that targets IOS, the
operating system used by all Cisco routers to power enterprise
networks and the web.
As Cisco controls the lion's share of the router market, his
demonstration on 22 May may well kick-start a trend among other
hackers to use rootkits to target web and enterprise networks.
In the past, hackers have been able to write "shell code" aimed
at compromising a single version of IOS. Muniz' effort, however,
can be used against all versions of IOS.
His code can not be used to break into a router, however. Any
attacker could only install it if they gained access privileges or
came up with their own separate attack code.