Security Alert New Malware Intentionally Bricks IoT Devices

LASER_oneXM

Level 29
Content Creator
Verified
Joined
Feb 4, 2016
Messages
1,838
OS
Windows 8.1
Antivirus
Kaspersky
#1
....here are some quotes from the article above:

A new malware strain called BrickerBot is bricking Internet of Things (IoT) devices around the world by corrupting their storage capability and reconfiguring kernel parameters.
Detected via honeypot servers maintained by cyber-security firm Radware, the first attacks started on March 20 and continued ever since, targeting only Linux BusyBox-based IoT devices.
Right from the get-go, two different versions of BrickerBot were detected: BrickerBot.1 and BrickerBot.2.

BrickerBot spreads to devices with open Telnet ports

In the first stages of the attacks, both strains work in a similar way, by attempting a dictionary brute-force attack on devices with Telnet ports left open on the Internet.
Just like Mirai, Hajime, LuaBot, and other IoT malware, BrickerBot uses a list of known default credentials used for various IoT devices.
If device owners failed to change their default credentials, BrickerBot logs in and performs a series of Linux commands.


The end result is a bricked IoT device that will stop working within seconds of getting infected. Experts call these attack PDoS (Permanent Denial of Service), but they are also known as "phlashing."
According to telemetry data, just one of Radware's honeypots has seen 1,895 PDoS attempts in the span of four days.
 

jamescv7

Level 61
Verified
Joined
Mar 15, 2011
Messages
12,638
OS
Windows 10
Antivirus
Microsoft
#2
Iot devices should implement stronger security mechanism in the hardware, a software protection which will integrate the hardware to protect regardless on any attacks.

IOT by itself are attacked because of popularity and widely increase of audience; hence any OS is affected.
 
Likes: LASER_oneXM