As scary as the epidemics of malware for Internet of Things devices have been, they had one saving grace: because they only lived in RAM (where they were hard to detect!), they could be flushed just by rebooting the infected gadget.
But a new strain of malware, dubbed "Hide n Seek," can live through a power-cycle: it writes a copy of itself to the /etc/init.d/ directory in the IoT device's embedded GNU/Linux system, where startup programs are stored. When a device that's been infected this way is rebooted, it is freshly infected.
Bitdefender experts first spotted the HNS malware and its adjacent botnet in early January, this year, and the botnet grew to around 32,000 bots by the end of the same month. Experts say HNS has infected 90,000 unique devices from the time of discovery until today.
Crooks used two exploits to create their initial botnet, which was unique from other IoT botnets active today because it used a custom P2P protocol to control infected systems.
Now, experts have found new HNS versions that have added support not only for two other exploits [1, 2] but also for brute-force operations.
What this means is that HNS infected devices will scan for other devices that have an exposed Telnet port and attempt to log into that device using a list of preset credentials.
"Hide and Seek" Becomes First IoT Botnet Capable of Surviving Device Reboots [Catalin Cimpanu/Bleeping Computer]
James Mickens (previously) has a well-deserved reputation for being the information security world's funniest speaker, and if that were all he did, he would still be worth listening to.
At this week's B-Sides Manchester security conference, James Williams gave a talk called "Next-gen AV vs my shitty code," in which he systematically revealed the dramatic shortcomings of anti-virus products that people pay good money for and trust to keep them safe -- making a strong case that these companies were selling defective goods.
When you die, your relatives will be sad and (depending on the circumstances of your death) possibly left scrambling to make arrangements for your remains, effects, and estate.
Drones are undeniably cool, but not all of us have the Top Gun-level piloting skills required to fly them—unless you’re using TRNDlabs’ new Spectre Drone. Designed new and expert pilots alike, this drone is loaded with fly assist features to make piloting easy, all the while you explore using its built-in HD camera. It’s available in the […]
Whether you’re set to give the toast at your best friend’s wedding or a presentation at work, you’ll be relying on those public speaking lessons you slept through during high school. Scary thought, right? Thankfully, the Public Speaking Bundle is loaded with hacks, tips, and techniques that will get you speaking more naturally and with confidence, […]
The Adobe Creative Cloud suite is the foundation on which many creatives build their careers, but some of its programs, like Photoshop and InDesign, are notoriously complex, making it difficult for aspiring designers, photographers, and the like to break into their field. But, don’t get discouraged. The Pay What You Want: Adobe CC A-Z Lifetime Bundle […]