DD-WRT users, your router might be vulnerable

This was posted on Slashdot last night:

"The people who bring you the DroneBL DNS Blacklist services, while investigating an ongoing DDoS incident, have discovered a botnet composed of exploited DSL modems and routers. OpenWRT/DD-WRT devices all appear to be vulnerable. What makes this worm impressive is the sophisticated nature of the bot, and the potential damage it can do not only to an unknowing end user, but to small businesses using non-commercial Internet connections, and to the unknowing public taking advantage of free Wi-Fi services. The botnet is believed to have infected 100,000 hosts."

Here is a direct link to the posting: http://it.slashdot.org/article.pl?sid=09/03/23/2257252&from=rss

Here is a direct link to the DroneBL webiste detailing the vulnerability: http://dronebl.org/blog/8

 

I was curious about that as well, since I use Tomato myself. My guess is that it is, since the vulnerability description leans more heavily on the hardware than on the software itself. It does sound like if you have a strong password set on your router, you'll probably be fine.

Regardless, I'm trying to track down more information.