The New BrickerBot Internet of Things Malware

One fresh malicious program is contaminating unprotected Internet of Things (IoT) appliances while permanently damages them rather than include them into different DDoS (distributed denial of service) botnets.

Radware a security vendor spotted the malicious program called BrickerBot, which has dual variants, and starting March 20 is trying carrying out PDoS (permanent denial of service) assaults or phlashing on IoT appliances.

Radware used its honeypot servers to detect the assaults as they targeted solely those IoT devices which were Linux BusyBox-created. From the time BrickerBot started its attacks, the malware was in dual versions identified as BrickerBot.1 and BrickerBot.2. Bleepingcomputer.com posted this, April 6, 2017.

Similar as different IoT malware, especially Mirai, BrickerBot too resorts to several familiar default credentials that are utilized in different IoT devices. In case the appliance owners do not alter the credentials on their devices given by default then BrickerBot effectively logs in followed with executing multiple Linux shell commands.

The medium for exploitation by BrickerBot is identical to Mirai's. The malware tries gaining admission into systems via Remote Access Port (RAP) namely Telnet so it determines the admin credentials of the appliance for logging into it.

After successfully issuing Linux commands on the IoT appliance that destroys the appliance's storage permanently, BrickerBot issues more instructions that disconnect the appliance from the Internet thereby degrading its performance while eventually erasing the entire data inside it, making the device unusable.

Again, unlike the majority of IoT malware programs, BrickerBot does not hoard IoT appliances within gigantic botnets that are utilized as proxies for spewing malevolent traffic alternatively for carrying out DDoS assaults - the two functions provide lucrative businesses to whosoever is sufficiently skilled for hijacking numerous IoT devices. The destructive capabilities of BrickerBot haven't been seen earlier in other IoT malware. They neither benefit the malware's creator nor the appliance owner who must either reinstall firmware else purchase one fresh appliance.

The BrickerBot assaults are quite simple for execution and they are merely the beginning. The task needn't be described as dark; however, there are possibly other not so damaging methods for attaining the same objective.

» SPAMfighter News - 4/10/2017