Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
3/29/2019
01:00 PM
100%
0%

7 Malware Families Ready to Ruin Your IoT's Day

This latest list of Internet of Things miscreants doesn't limit itself to botnets, like Mirai.
Previous
1 of 8
Next

Don't you hate it when one loud co-worker at the office takes all the credit and keeps the rest of the team out of management's eye? Welcome to the world of Internet of Things (IoT) malware, where several families do their malicious worst — only to hear IT professionals droning on about Mirai, Mirai, Mirai.

Don't be misled: Mirai is still out there recruiting low-power IoT devices into botnets, but it's certainly not the only piece of malware you should be aware of. Mirai wasn't even the first of the big-name IoT baddies — that distinction goes to Stuxnet — but the sheer size of the attacks launched using the Mirai botnet and the malware's dogged persistence on devices around the world have made it the anti-hero poster child of IoT security.

Mirai has continued to grow through variations that make it a malware family rather than a single stream of malware. And it's not alone: Malware programmers are much like their legitimate software development counterparts in their programming practices and disciplines, making code reuse and modular development commonplace. Each of these can make it tricky to say whether a bit of malware is new or just a variant. Regardless, security professionals have to stop all of them.

This latest list of IoT miscreants doesn't limit itself to botnets. You'll also find data wipers, cryptominers, and data capture clients. And if there's one thing cybersecurity professionals can count on, it's that malware authors will continue to apply their creativity and programming skills to new forms of criminal code that will be unleashed on the IoT.

What kind of malware are you dreading most? And what kind do you think will all but disappear in the coming years? Share your thoughts with the Dark Reading community in the Comments section, below.

(Image: peshkov VIA Adobe Stock)

 

Curtis Franklin Jr. is Senior Editor at Dark Reading. In this role he focuses on product and technology coverage for the publication. In addition he works on audio and video programming for Dark Reading and contributes to activities at Interop ITX, Black Hat, INsecurity, and ... View Full Bio

Previous
1 of 8
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
markgrogan
50%
50%
markgrogan,
User Rank: Apprentice
4/29/2019 | 3:25:50 AM
Hit us harder
It is not entirely shocking to know how we can all be fooled by deceptive malwares acting as a front. However, in such a case, usually they are not giving shade to their peers but instead they are somehow safeguarding them so that the others can hit us harder without us anticipating.
ritchard.harrison
50%
50%
ritchard.harrison,
User Rank: Apprentice
4/4/2019 | 7:54:47 PM
Great article
What a great article thanks a lot for sharing
US Turning Up the Heat on North Korea's Cyber Threat Operations
Jai Vijayan, Contributing Writer,  9/16/2019
Fed Kaspersky Ban Made Permanent by New Rules
Dark Reading Staff 9/11/2019
NetCAT Vulnerability Is Out of the Bag
Dark Reading Staff 9/12/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-16199
PUBLISHED: 2019-09-17
eQ-3 Homematic CCU2 before 2.47.18 and CCU3 before 3.47.18 allow Remote Code Execution by unauthenticated attackers with access to the web interface via an HTTP POST request to certain URLs related to the ReGa core process.
CVE-2019-16391
PUBLISHED: 2019-09-17
SPIP before 3.1.11 and 3.2 before 3.2.5 allows authenticated visitors to modify any published content and execute other modifications in the database. This is related to ecrire/inc/meta.php and ecrire/inc/securiser_action.php.
CVE-2019-16392
PUBLISHED: 2019-09-17
SPIP before 3.1.11 and 3.2 before 3.2.5 allows prive/formulaires/login.php XSS via error messages.
CVE-2019-16393
PUBLISHED: 2019-09-17
SPIP before 3.1.11 and 3.2 before 3.2.5 mishandles redirect URLs in ecrire/inc/headers.php with a %0D, %0A, or %20 character.
CVE-2019-16394
PUBLISHED: 2019-09-17
SPIP before 3.1.11 and 3.2 before 3.2.5 provides different error messages from the password-reminder page depending on whether an e-mail address exists, which might help attackers to enumerate subscribers.