New Kaiji malware targets IoT devices via SSH brute-force attacks

[silversurfer]

Content source

https://www.zdnet.com/article/new-kaiji-malware-targets-iot-devices-via-ssh-brute-force-attacks/

Security researchers say they've discovered yet another strain of malware that was specifically built to infect Linux-based servers and smart Internet of Things (IoT) devices, and then abuse these systems to launch DDoS attacks.

Named Kaiji, this new malware was spotted last week by a security researcher named MalwareMustDie and the team at Intezer Labs.

The malware is very different from other IoT malware strains, primarily because it's written in the Go programming language, rather than C or C++, the two languages in which most IoT malware is coded these days.

Very few IoT malware authors spend their time coding a botnet from scratch these days. In fact, the vast majority of IoT botnets are just a mix of different parts and modules taken from multiple strains, combined into new variations of the same old botnet codebases.

"The Internet of things (IoT) botnet ecosystem is relatively well-documented by security specialists," said Paul Litvak, a malware analyst at Intezer, who analyzed the code in a report published yesterday. "It is not often that you see a botnet's tooling written from scratch."

 

[Stopspying]

Other articles on 'Kaiji' -

Kaiji - a new strain of IoT malware seizing control and launching DDoS attacks - Bitdefender BOX Blog

Kaiji, a new botnet campaign, created from scratch rather than resting on the shoulders of those that went before it, is infecting Linux-based servers and IoT devices with the intention of launching distributed denial-of-service (DDoS) attacks. Kaiji,named by researcher MalwareMustDie after one...

www.bitdefender.com

New 'Kaiji' Botnet Attacks Linux, IoT Devices via SSH Brute Force

The Kaiji botnet was built using the Golang programming language is targeting Linux systems, including IoT devices, using a custom implant.

www.securityweek.com