Linux.MulDrop.14 is a Linux worm that seeks out networked Raspberry Pi systems with default root passwords; after taking them over and ZMap and sshpass, it begins mining an unspecified cryptocurrency, creating riches for the malware's author and handing you the power-bill.
Experts say the initial infection takes place when Raspberry Pi operators leave their devices' SSH ports open to external connections.
Once a Raspberry Pi device is infected, the malware changes the password for the "pi" account to:
After this, Linux.MulDrop.14 shuts down several processes and installs libraries required for its operation, including ZMap and sshpass.
The malware then launches its cryptocurrency mining process and uses ZMap to continuously scan the Internet for other devices with an open SSH port.
Once it finds one, the malware uses sshpass to attempt to log in using the username "pi" and the password "raspberry." Only this user/password combo is used, meaning the malware only targets Raspberry Pi single-board computers.
Linux Malware Mines for Cryptocurrency Using Raspberry Pi Devices [Catalin Cimpanu/Bleeping Computer]
(Image: Evan-Amos, PD)
Hackers tried to break into the World Health Organization earlier in March, as the COVID-19 pandemic spread, Reuters reports. Security experts blame an advanced cyber-espionage hacker group known as DarkHotel. A senior agency official says the WHO has been facing a more than two-fold increase in cyberattacks since the coronavirus pandemic began.
• ‘Fronton’ is the FSB’s IoT botnet project
Americans abroad must return to US or prepare to shelter in place
Companies that don’t have their own in-house design teams (which means 99 percent of all companies these days) face lots of serious questions. Among those questions is how you keep up with all the design requirements of a 21st-century company without the personnel. It isn’t just a website or an annual product catalog anymore. It’s […]
In case you’re one of those computer shoppers who instinctively turns up their nose at the very mention of the word refurbished, here are a couple myths worth dispelling. Refurbished equals junk somebody didn’t want. While desktops, laptops, notebooks, Chromebooks and tablets marked as refurbished may have been unboxed at some point, meaning they can […]
Electric bikes aren’t toys. And they aren’t a fad. In fact, more and more communities are starting to catch on that e-bikes are a lot more than an amusing gadget for the tech geek. Following a six-month study, Johnson County, Kansas, home to many Kansas City suburbs, became just the latest U.S. community to allow […]