It's been more than a year since RSA's Rotem Kerner published his research on the insecurities in a PVR that was "white labeled" by TVT, a Chinese company, and sold under more than 70 brand names around the world. In the intervening year, tens of thousands of these devices have been hijacked into botnets used by criminals in denial-of-service attacks, and TVT is still MIA, having done nothing to repair them.
Worse: a new malware strain called Amnesia is targeting TVT devices, recruiting them into a botnet alongside other devices with remote code execution bugs; estimates of their number range up to 705,000 targets.
Last year, an IoT worm called Mirai hijacked PVRs, CCTVs and other devices and directed floods of traffic that were so voluminous they took down Level 3 (a tier one backbone provider).
Now, according to a report published yesterday by cyber-security firm Palo Alto Networks, TVT devices are yet again targeted by another IoT malware that's building a huge botnet for launching DDoS attacks.
Nicknamed Amnesia, this new malware strain is based on an older version of the Tsunami IoT/Linux DDoS botnet malware. This new Tsunami alteration is particularly advanced because this appears to be the first version of IoT malware that includes sandbox detection features, usually found in Android and Windows malware.
This self-protection feature allows the malware to detect when security experts or security products execute the malware inside a virtual machine. According to researchers, the malware's response is something that's not been seen before, with Amnesia deleting the entire VM filesystem, most likely out of revenge after being uncovered, and desperately attempting to hide its tracks.
New IoT/Linux Malware Targets DVRs, Forms Botnet
[Claud Xiao, Cong Zheng and Yanhui Jia/Palo Alto Networks]
Irresponsible Chinese DVR Vendor Still the Target of IoT Botnets One Year Later
[Catalin Cimpanu/Bleeping Computer]