A malicious worm that targets poorly protected home routers has been uncovered by security researchers. The “moose” malware tries to take over home routers by trying thousands of weak passwords. Once it has taken over a device, the worm grabs login details when people visit Twitter, Facebook, Instagram, YouTube and other social sites. These credentials are then used to artificially inflate followers and viewer numbers. “This threat is all about social network fraud,” said researchers Olivier Bilodeau and Thomas Dupuy from security firm Eset in a report detailing their findings. Aggressive attack The malicious program got its name because the file containing its attack code is called elan – French for moose. The malicious worm travels the internet “aggressively” seeking out vulnerable devices. So far, said the pair, some of the routers made by Actiontec, Hik Vision, Netgear, Synology, TP-Link, ZyXEL, and Zhone have been found to be vulnerable to moose. In their analysis, the two researchers saw the worm being used to set up bogus accounts on social network sites and then use stolen credentials to add fake “likes” and “follows” to those accounts.