Motive behind BrickerBot puzzles experts who think it maybe the work of a vigilante.
Cybersecurity experts are warning of a new type of malware strain that uses known default user credentials to attack unsecured Internet of Things (IoT) devices and destroy them, reports Bleeping Computer.
Discovered by cybersecurity firm Radware, BrickerBot has two versions – BrickerBot.1 and BrickerBot.2 – and was found to be active since March 20, targeting only Linux BusyBox-based devices with Telnet ports left open.
This malware renders devices inoperable within seconds of infecting them through PDoS (Permanent Denial of Service) or "phlashing" attacks. The two versions work in the same manner but through different sets of commands; while BrickerBot.1 comes through worldwide IPs likely assigned to Ubiquiti network devices, BrickerBot.2 attacks are hidden behind Tor exit nodes and difficult to trace.
The attacker’s motive has confounded cybersecurity experts because it destroys without benefiting the destroyer. They suspect it could be the work of a vigilante who wants to alert users to unsecured devices.
Victor Gevers of GDI.foundation is however critical of the approach and believes that, "Instead of bricking you could also allow the devices to still work and just patch the vulnerability.”
Click here for details.
About the Author(s)
You May Also Like
Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them
April 4, 2024Cybersecurity Strategies for Small and Med Sized Businesses
April 11, 2024Defending Against Today's Threat Landscape with MDR
April 18, 2024Securing Code in the Age of AI
April 24, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024Black Hat Asia - April 16-19 - Learn More
April 16, 2024