Does your home WiFi use a default password? It forces you to change it. Does it leave unguarded communication channels open? It forces you to close them.
To experts, this seems like the work of a well intentioned hacker vigilante. Illegal, yes. But helpful, kinda.
The custom-built software is nicknamed “Ifwatch” and it is spreading quickly, according to researchers at the cybersecurity firm Symantec.
“We have not seen any malicious activity whatsoever,” said Symantec threat intelligence officer Val Saengphaibul. “However, in the legal sense, this is illegal activity. It’s accessing computers on a network without the owner’s permission.”
To date, it has snuck into at least 10,000 Internet-connected devices, usually WiFi routers.
Ifwatch first popped up last year, when an independent security researcher spotted something funky in a home WiFi router.
Why does Ifwatch seem nice? Because it tries to kill any malware on your router. It also gives your device automatic, friendly updates that protect it from computer viruses. In some cases, it forces a device to reboot every week, clearing away any dangerous malware.
Then again, there’s no telling if this intrusive program is really as benign as it seems. Ifwatch has the ability to monitor what’s going on in your router — and capture that data.
So, in theory, it could spy on you. When you’re prompted to type in a new password, it’s hard to tell if that stays private. Would you type in a new password with someone looking over your shoulder?
“We have no idea who is behind this — or what their full intention is,” Saengphaibul said.
But there’s a clue. There’s a hidden message in the program’s computer code: “To any NSA and FBI agents reading this: please consider whether defending the US Constitution against all enemies, foreign or domestic, requires you to follow Snowden’s example.”
This altruistic hack could be an attempt to improve everyone’s privacy. Or maybe it’s just a very clever diversion.