It's been more than a year since RSA's Rotem Kerner published his research on the insecurities in a PVR that was "white labeled" by TVT, a Chinese company and sold under over 70 brand-names around the world. In the intervening year, tens of thousands of these devices have been hijacked into botnets used by criminals in denial of service attacks, and TVT is still MIA, having done nothing to repair them.
Worse: a new malware strain called Amnesia is targeting TVT devices, recruiting them into a botnet alongside other devices with remote code execution bugs, estimates of whose number ranges up to 705,000 targets.
Last year, an IoT worm called Mirai hijacked PVRs, CCTVs and other devices and directed floods of traffic that were so voluminous they took down Level 3 (a tier one backbone provider).
Now, according to a report published yesterday by cyber-security firm Palo Alto Networks, TVT devices are yet again targeted by another IoT malware that's building a huge botnet for launching DDoS attacks.
Nicknamed Amnesia, this new malware strain is based on an older version of the Tsunami IoT/Linux DDoS botnet malware. This new Tsunami alteration is particularly advanced because this appears to be the first version of IoT malware that includes sandbox detection features, usually found in Android and Windows malware.
This self-protection feature allows the malware to detect when security experts or security products execute the malware inside a virtual machine. According to researchers, the malware's response is something that's not been seen before, with Amnesia deleting the entire VM filesystem, most likely out of revenge after being uncovered, and desperately attempting to hide its tracks.
New IoT/Linux Malware Targets DVRs, Forms Botnet
[Claud Xiao, Cong Zheng and Yanhui Jia/Palo Alto Networks]
Irresponsible Chinese DVR Vendor Still the Target of IoT Botnets One Year Later
[Catalin Cimpanu/Bleeping Computer]
Last week at Defcon, a security researcher named Smea presented their findings on vulnerabilities in the Lovesense Hush, an internet-of-things buttplug that has already been shown to have critical privacy vulnerabilities.
Few states have voting machines that are simultaneously more obviously defective and more ardently defended by the state government than Georgia, where 16-year-old touchscreen systems are prone to reporting ballots cast by 243% of the eligible voters and where gross irregularities in election administration sends voters to the wrong polling places or sends co-habitating husbands […]
Apple's Faceid -- a facial recognition tool that unlocks mobile devices -- has a countermeasure that is designed to prevent attackers from scanning an sleeping/unconscious (or dead) person's face to unlock their phone, by scanning the face for signs of consciousness.
There’s no shortage of stories about the benefits of cannabidiol, that benign (and non-psychoactive) cousin of THC. Some have been using it for years to deal with pain, stress, and sleeplessness. And the more people use it, the more discussion there is about how to use it. While there’s no shortage of quality edibles on […]
Are we done with capsule coffee makers yet? Sure, they’re easy. But they are not so easy on the environment, and it’s debatable whether they actually make a better cup. Luckily, there’s never been a better time to switch back to the good old reliable drip method – especially when drip coffeemakers have quietly been […]
If there’s one thing that stayed consistent through the last decade or so of tech industry turmoil, it’s the love affair between techies and Linux. There’s just a ton you can do with the OS, and its open-source format means you can customize your rig from the ground up. Apparently not content with that level […]