- Jun 9, 2013
- 6,720
New breeds of malware specializing in wiping data are targeting internet of things (IoT) devices in homes and businesses.
According to Comodo Labs, hackers are seen to be adding data-wiping routines to some of the malware that are designed to infect IoT and embedded devices, including Amnesia and BrickerBot.
The aptly named Amnesia malware is a variation of Tsunami, an older IoT botnet client. Amnesia infects digital video recorders, exploiting a year-old vulnerability.
“Programmed basically for Linux-based environments, this malware first performs checks to detect if the environment it is running in is actually a virtualized one,” Comodo researchers explained. “Next, it would try to wipe critical directories from the file system; this is done by using the Linux ‘rm-rf’ shell command.”
Meanwhile BrickerBot, which also targets Linux-based IoT devices, is launched from compromised routers and wireless access points. It targets IoT devices that have Telnet service running and which are exposed to the internet; and it goes about trying to authenticate these with common username and password combinations. It should be added that BrickerBot takes aim at not just embedded and IoT devices, but any Linux-based device or system with weak credentials.
Read More. Data-Wiping Malware Takes Aim at IoT Devices
According to Comodo Labs, hackers are seen to be adding data-wiping routines to some of the malware that are designed to infect IoT and embedded devices, including Amnesia and BrickerBot.
The aptly named Amnesia malware is a variation of Tsunami, an older IoT botnet client. Amnesia infects digital video recorders, exploiting a year-old vulnerability.
“Programmed basically for Linux-based environments, this malware first performs checks to detect if the environment it is running in is actually a virtualized one,” Comodo researchers explained. “Next, it would try to wipe critical directories from the file system; this is done by using the Linux ‘rm-rf’ shell command.”
Meanwhile BrickerBot, which also targets Linux-based IoT devices, is launched from compromised routers and wireless access points. It targets IoT devices that have Telnet service running and which are exposed to the internet; and it goes about trying to authenticate these with common username and password combinations. It should be added that BrickerBot takes aim at not just embedded and IoT devices, but any Linux-based device or system with weak credentials.
Read More. Data-Wiping Malware Takes Aim at IoT Devices