Linux.MulDrop.14 is a Linux worm that seeks out networked Raspberry Pi systems with default root passwords; after taking them over and ZMap and sshpass, it begins mining an unspecified cryptocurrency, creating riches for the malware's author and handing you the power-bill.
Experts say the initial infection takes place when Raspberry Pi operators leave their devices' SSH ports open to external connections.
Once a Raspberry Pi device is infected, the malware changes the password for the "pi" account to:
After this, Linux.MulDrop.14 shuts down several processes and installs libraries required for its operation, including ZMap and sshpass.
The malware then launches its cryptocurrency mining process and uses ZMap to continuously scan the Internet for other devices with an open SSH port.
Once it finds one, the malware uses sshpass to attempt to log in using the username "pi" and the password "raspberry." Only this user/password combo is used, meaning the malware only targets Raspberry Pi single-board computers.
Linux Malware Mines for Cryptocurrency Using Raspberry Pi Devices [Catalin Cimpanu/Bleeping Computer]
(Image: Evan-Amos, PD)
For decades, it was a commonplace in western business that no one could afford to ignore China: whatever problems a CEO might have with China's human rights record could never outweigh the profits to be had by targeting the growing Chinese middle-class.
A little over a year ago, Bloomberg stunned the world with a report that claimed that Chinese intelligence services had figured out how to put undetectable, rice-grain-sized hardware implants into servers headed for the biggest US cloud and enterprise IT firms, and that when some of the victims discovered this fact, they quietly ripped out […]
How can a single, ill-conceived law wreak havoc in so many ways? It prevents you from making remix videos. It blocks computer security research. It keeps those with print disabilities from reading ebooks. It makes it illegal to repair people's cars. It makes it harder to compete with tech companies by designing interoperable products. It's even been used […]
Still using elbow grease to clean the sinks, tubs and other grimy surfaces around your house? Save your elbows, and some time. If you’ve got a power drill, the RevoClean® 4-in-1 Drill Brush Cleaning Kit will instantly turn it into a professional scrubber that can tackle any stain on any surface. Attach the 4″ nylon […]
Need data storage? Join the club. It may still seem like the wild west out there, and for many companies, it’s a tough choice between security and accessibility. Luckily, there’s a platform that gives you a lot of both: Polar Backup Cloud Storage. Whether you’re a busy private citizen or managing valuable company data, Polar […]
There are a lot of different language apps out there because nobody learns anything the same exact way – especially not something as complex as a new language. For some people, the best way is to dive in and start talking, but that’s easier said than done if you’re not around those natives you aspire […]