It's been more than a year since RSA's Rotem Kerner published his research on the insecurities in a PVR that was "white labeled" by TVT, a Chinese company and sold under over 70 brand-names around the world. In the intervening year, tens of thousands of these devices have been hijacked into botnets used by criminals in denial of service attacks, and TVT is still MIA, having done nothing to repair them.
Worse: a new malware strain called Amnesia is targeting TVT devices, recruiting them into a botnet alongside other devices with remote code execution bugs, estimates of whose number ranges up to 705,000 targets.
Last year, an IoT worm called Mirai hijacked PVRs, CCTVs and other devices and directed floods of traffic that were so voluminous they took down Level 3 (a tier one backbone provider).
Now, according to a report published yesterday by cyber-security firm Palo Alto Networks, TVT devices are yet again targeted by another IoT malware that's building a huge botnet for launching DDoS attacks.
Nicknamed Amnesia, this new malware strain is based on an older version of the Tsunami IoT/Linux DDoS botnet malware. This new Tsunami alteration is particularly advanced because this appears to be the first version of IoT malware that includes sandbox detection features, usually found in Android and Windows malware.
This self-protection feature allows the malware to detect when security experts or security products execute the malware inside a virtual machine. According to researchers, the malware's response is something that's not been seen before, with Amnesia deleting the entire VM filesystem, most likely out of revenge after being uncovered, and desperately attempting to hide its tracks.
New IoT/Linux Malware Targets DVRs, Forms Botnet
[Claud Xiao, Cong Zheng and Yanhui Jia/Palo Alto Networks]
Irresponsible Chinese DVR Vendor Still the Target of IoT Botnets One Year Later
[Catalin Cimpanu/Bleeping Computer]
For decades, it was a commonplace in western business that no one could afford to ignore China: whatever problems a CEO might have with China's human rights record could never outweigh the profits to be had by targeting the growing Chinese middle-class.
A little over a year ago, Bloomberg stunned the world with a report that claimed that Chinese intelligence services had figured out how to put undetectable, rice-grain-sized hardware implants into servers headed for the biggest US cloud and enterprise IT firms, and that when some of the victims discovered this fact, they quietly ripped out […]
How can a single, ill-conceived law wreak havoc in so many ways? It prevents you from making remix videos. It blocks computer security research. It keeps those with print disabilities from reading ebooks. It makes it illegal to repair people's cars. It makes it harder to compete with tech companies by designing interoperable products. It's even been used […]
There’s overwhelming support for clean energy, and the planet is giving us more reasons to invest in renewable power sources with every passing year. Even in the most inhospitable areas, wind and solar can provide a good chunk of our power, if not all of it. So why aren’t we all taking advantage of it? […]
Hey, we love Netflix and Hulu, but let’s face it: The whole setup doesn’t exactly encourage active viewing. For all the binge-watching we’ve done, it’s tough to expand our horizons or learn anything new – except for how many episodes of “The Office” it takes to make us fall asleep. It was only a matter […]
Still using elbow grease to clean the sinks, tubs and other grimy surfaces around your house? Save your elbows, and some time. If you’ve got a power drill, the RevoClean® 4-in-1 Drill Brush Cleaning Kit will instantly turn it into a professional scrubber that can tackle any stain on any surface. Attach the 4″ nylon […]