Security Alert New Malware Intentionally Bricks IoT Devices

  • This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

LASER_oneXM

Level 22
Content Creator
Feb 4, 2016
1,191
5,710
Operating System
Windows 8.1
Installed Antivirus
Kaspersky
#1
....here are some quotes from the article above:

A new malware strain called BrickerBot is bricking Internet of Things (IoT) devices around the world by corrupting their storage capability and reconfiguring kernel parameters.
Detected via honeypot servers maintained by cyber-security firm Radware, the first attacks started on March 20 and continued ever since, targeting only Linux BusyBox-based IoT devices.
Right from the get-go, two different versions of BrickerBot were detected: BrickerBot.1 and BrickerBot.2.

BrickerBot spreads to devices with open Telnet ports

In the first stages of the attacks, both strains work in a similar way, by attempting a dictionary brute-force attack on devices with Telnet ports left open on the Internet.
Just like Mirai, Hajime, LuaBot, and other IoT malware, BrickerBot uses a list of known default credentials used for various IoT devices.
If device owners failed to change their default credentials, BrickerBot logs in and performs a series of Linux commands.


The end result is a bricked IoT device that will stop working within seconds of getting infected. Experts call these attack PDoS (Permanent Denial of Service), but they are also known as "phlashing."
According to telemetry data, just one of Radware's honeypots has seen 1,895 PDoS attempts in the span of four days.
 

jamescv7

Level 61
Verified
Mar 15, 2011
12,660
17,639
Operating System
Windows 10
Installed Antivirus
Microsoft
#2
Iot devices should implement stronger security mechanism in the hardware, a software protection which will integrate the hardware to protect regardless on any attacks.

IOT by itself are attacked because of popularity and widely increase of audience; hence any OS is affected.
 
Likes: LASER_oneXM