New Malware Deliberately Destroys Unsecured IoT Devices
Motive behind BrickerBot puzzles experts who think it maybe the work of a vigilante.
Cybersecurity experts are warning of a new type of malware strain that uses known default user credentials to attack unsecured Internet of Things (IoT) devices and destroy them, reports Bleeping Computer.
Discovered by cybersecurity firm Radware, BrickerBot has two versions – BrickerBot.1 and BrickerBot.2 – and was found to be active since March 20, targeting only Linux BusyBox-based devices with Telnet ports left open.
This malware renders devices inoperable within seconds of infecting them through PDoS (Permanent Denial of Service) or "phlashing" attacks. The two versions work in the same manner but through different sets of commands; while BrickerBot.1 comes through worldwide IPs likely assigned to Ubiquiti network devices, BrickerBot.2 attacks are hidden behind Tor exit nodes and difficult to trace.
The attacker’s motive has confounded cybersecurity experts because it destroys without benefiting the destroyer. They suspect it could be the work of a vigilante who wants to alert users to unsecured devices.
Victor Gevers of GDI.foundation is however critical of the approach and believes that, "Instead of bricking you could also allow the devices to still work and just patch the vulnerability.”
Click here for details.
About the Author
You May Also Like
Cybersecurity Day: How to Automate Security Analytics with AI and ML
Dec 17, 2024The Dirt on ROT Data
Dec 18, 2024