New “Chuck Norris” Botnet On The Loose

Written by Sue Walsh on March 11, 2010

Look out Waledac, Zeus and Conficker! Chuck Norris is in town. A new botnet named after the iconic action star is targeting and infecting routers, or as one writer joked, “The Chuck Norris botnet doesn’t infect routers, it stares them down until they infect themselves.” The botnet, first discovered by Czech researchers, looks for badly configured routers and infects them by guessing the default password. It uses the remote access feature to take control.

It takes over MIPS-based devices running Linux by launching a dictionary-based password-guessing attack, changes the DNS settings of the router, and then redirects the user to a poisoned webpage that downloads even more malware. It also scans the network for other devices to infect. Experts say the botnet has infected machines from South America to Asia. There’s no information on exactly how many machines have been compromised or who is behind it, but like other botnets, its goal is to steal personal information like passwords and bank account numbers. Some researchers say it may also conduct DDoS attacks.

For a botnet named after Chuck Norris (it got the name from a line in its code: “in nome di Chuck Norris”, which means “In the name of Chuck Norris”), the malware it delivers has a surprising weakness. Since it is installed in the router’s RAM, a simple restart will remove it. To protect against it, make sure all routers and modems on your network are not using the default password and that each device has a unique, hard-to-guess one.
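As an added example (not part of the original article), the following audit checks a device inventory for the conditions described above: default or shared passwords, remote access left enabled, and DNS servers other than the ones you intended. The inventory, audit key, default-password list and resolver addresses are constructed assumptions.

```python
import hashlib
import hmac

AUDIT_KEY = b"constructed-audit-key"   # assumption: secret stored with the inventory
DEFAULTS = ["", "admin", "password", "1234", "root"]  # constructed sample of factory defaults
APPROVED_DNS = {"192.0.2.53", "198.51.100.53"}        # assumption: resolvers you intend to use

def fingerprint(password):
    """Keyed hash so passwords can be compared without keeping plaintext."""
    return hmac.new(AUDIT_KEY, password.encode(), hashlib.sha256).hexdigest()

DEFAULT_FPS = {fingerprint(p) for p in DEFAULTS}

def device(name, password, remote_access, dns):
    """Build an inventory record; only the fingerprint of the password is kept."""
    return {"name": name, "pw_fp": fingerprint(password),
            "remote_access": remote_access, "dns": dns}

# Constructed inventory; in practice this comes from your asset or config management.
INVENTORY = [
    device("edge-router", "admin", True, ["192.0.2.53"]),
    device("dsl-modem", "T7#vq9!LmZx2", False, ["203.0.113.66"]),
    device("branch-ap-1", "Sh4red-Pa55", False, ["192.0.2.53"]),
    device("branch-ap-2", "Sh4red-Pa55", True, ["198.51.100.53"]),
]

def audit(inventory, approved_dns=APPROVED_DNS):
    """Return {device name: [findings]} for the weaknesses the article describes."""
    owners = {}
    for dev in inventory:
        owners.setdefault(dev["pw_fp"], []).append(dev["name"])
    report = {}
    for dev in inventory:
        findings = []
        if dev["pw_fp"] in DEFAULT_FPS:
            findings.append("default-password")
        elif len(owners[dev["pw_fp"]]) > 1:
            others = [n for n in owners[dev["pw_fp"]] if n != dev["name"]]
            findings.append("password-shared-with:" + ",".join(others))
        if dev["remote_access"]:
            findings.append("remote-access-enabled")
        # A resolver outside the approved set may indicate tampered DNS settings.
        findings += ["unexpected-dns:" + s for s in dev["dns"] if s not in approved_dns]
        if findings:
            report[dev["name"]] = findings
    return report

if __name__ == "__main__":
    for name, findings in audit(INVENTORY).items():
        print(name, findings)
```
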

