The Internet of Things business model dictates that devices be designed with the minimum viable security to keep the products from blowing up before the company is bought or runs out of money, so we're filling our homes with net-connected devices that have crummy default passwords, and the ability to probe our phones and laptops, and to crawl the whole internet for other vulnerable systems to infect.
Linux/Mirai is an ELF trojan targeting IoT devices, which Malware Must Die describes as the most successful ELF trojan. It's very difficult to determine whether these minimal-interface devices are infected, but lab tests have discovered the malware in a wide range of gadgets.
The moral of the story of this threat ; this is the example, on how a group of bad hackers can improve themselves.. if we let them still be freely doing their vandalism act out there. They keep on improving their threat and they have no care to aim anything that can be infected to expand their "botnets". Don't let the young age reducing our priority to stop the actors in the legal way, juveniles scheme in our culture are there for them to taste the consequences of what they do in the real life., let them taste it. If we don't stop them now..think about what they can do for 5 or 10 years from now to our internet.
To have Linux boxes in IoT to support our present life aspects is a bless in our technology era. But please be parallel to serve those boxes with more presentable security settings and don't let the authentication security for those running 365/44/7 OS becomes obsolete. Apply some securing method to secure it better too in user land UI i.e.: to force users to change the factory setting passwords BEFORE using them, or not to let telnetd runs openly by default, ask the users not to serve SSH in the default ports of possible, and these are really helping to reduce this threat hitting networks that is having much IoT running. Feel free to contact us in @malwaremustdie (twitter/direct message), or by comments to this post if you have an infection for this malware and look for advisory to dissect it, or to dump the sample from your busybox/IoT.
MMD-0056-2016 – Linux/Mirai, how an old ELF malcode is recycled..
[Malware Must Die!]
Experts from MalwareMustDie spotted a new ELF trojan backdoor, dubbed ELF Linux/Mirai, which is now targeting IoT devices.
[Pierluigi Paganini/Security Affairs]