BrickerBot malware attacks IoT devices with Permanent Denial-of-Service
Mirai who? Thereâ€™s a new type of malware in town targeting misconfigured IoT devices. BrickerBot, using the same exploit vector as Mirai, corrupts device storage through Linux commands and shuts the devices down in what has been described as a “Permanent Denial-of-Service,” wrote DDoS protection company Radware on their blog.
“The use of the ‘busybox’ command combined with the MTD and MMC special devices means this attack is targeted specifically at Linux/BusyBox-based IoT devices which have their Telnet port open and exposed publically on the Internet. These are matching the devices targeted by Mirai or related IoT botnets,” the blog reads.
The companyâ€™s honeypot allegedly detected attempts from two botnets with IPs from around the world, one launching 1,895 PDoS attempts in four days and the second 333 PDoS attempts, but the “location(s) [was/were] concealed by TOR egress nodes.”
The targeted devices are “/dev/mtd (Memory Technology Device – a special device type to match flash characteristics) and /dev/mmc (MultiMediaCard – a special device type that matches memory card standard, a solid-state storage medium).”
The hacked devices exposed port 22 (SSH) and ran an outdated version of the Dropbear SSH Server. Once the device is shut down, the only solution is to replace or reinstall the hardware.
The Holiday Guide to Tech Support: Fixing the Family Computer
November 24, 2021
Bitdefender Celebrates 20 Years of Cybersecurity Leadership
November 04, 2021
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords
October 26, 2021
What are drive-by download attacks and how do you prevent them?
October 25, 2021
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks
October 22, 2021
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals
October 20, 2021