Yes, that is a Moose taking control of your Instagram

Linux/Moose exploiting lax router security

Credit Flickr David Bailey

Home routers, cable and DSL modems have been exploited by hackers using malware that can be implemented to botnets to take control of Twitter, Instagram and a range of other social media accounts.

A report penned by security researchers Olivier Bilodeau and Thomas Dupuy from security firm ESET found that the Linux/Moose malware has been targeting consumer routers and modems that have weak credentials, not exploiting any kind of vulnerability.

Once the Moose is loose about in your router, it can eavesdrop on communications to and from devices whether it be a laptop, smartphone, tablet or any other peripheral that uses a router to connect to the internet (regardless of whether it is MIPS or ARM-based).

From here it can do its worst, which in this case is hijacking social media accounts and turning them into spam bots.

"The operators use the infected devices to perform social network fraud on Twitter, Facebook, Instagram, Youtube and more," said the two researchers. "Moose can be configured to reroute router DNS traffic, which enables man-in-the-middle attacks from across the Internet."

Twitter worst affected

An analysis carried out by the pair found that Twitter/Vine accounted for 49% of the targets, Instagram 47% and Soundcloud 2%, with the remaining 3% made up of Yandex, YouTube, Yahoo and Amazon Cloud.

Thankfully when a router is switched off, the Linux/Moose malware disappears, however, if the credentials are left poorly configured then it can easily re-infected the device and users are encouraged to firm up their router to prevent their accounts falling victim to the exploit.

Article continues below