As scary as the epidemics of malware for Internet of Things devices have been, they had one saving grace: because they only lived in RAM (where they were hard to detect!), they could be flushed just by rebooting the infected gadget.
But a new strain of malware, dubbed "Hide n Seek," can live through a power-cycle: it writes a copy of itself to the /etc/init.d/ directory in the IoT device's embedded GNU/Linux system, where startup programs are stored. When a device that's been infected this way is rebooted, it is freshly infected.
Bitdefender experts first spotted the HNS malware and its adjacent botnet in early January, this year, and the botnet grew to around 32,000 bots by the end of the same month. Experts say HNS has infected 90,000 unique devices from the time of discovery until today.
Crooks used two exploits to create their initial botnet, which was unique from other IoT botnets active today because it used a custom P2P protocol to control infected systems.
Now, experts have found new HNS versions that have added support not only for two other exploits [1, 2] but also for brute-force operations.
What this means is that HNS infected devices will scan for other devices that have an exposed Telnet port and attempt to log into that device using a list of preset credentials.
"Hide and Seek" Becomes First IoT Botnet Capable of Surviving Device Reboots [Catalin Cimpanu/Bleeping Computer]
Transparency reports are standard practice across the tech industry, disclosing the nature, quantity and scope of all the law enforcement requests each company receives in a given year.
In PrinTracker: Fingerprinting 3D Printers using Commodity Scanners (Scihub mirror), a paper to be presented at the ACM SIGSAC Conference on Computer and Communications Security conference in Toronto this month, a group of U Buffalo and Northeastern researchers present a model for uniquely identifying which 3D printer produced a given manufactured object, which may allow […]
A child reportedly rode through an X-ray baggage scanner last week at the Xiaolan Railway Station in South China. According to the state-owned China Global Television Network, the young’n snuck away from his father and hopped onto the conveyor belt. Apparently he is fine. As you’ll recall, earlier this year a woman in Dongguan, China […]
If you’re shopping for a camping lantern, you’re looking for reliability, period. So it’s nice to find something like the Revogi Convertible LED Lantern that jumps over that low bar and actually offers some versatility. Made of simple materials, the Revogi is high-tech in a refreshingly minimalist, eight-ounce package. Yes, it’ll light up the campsite […]
No matter what your business, Microsoft’s slate of Office software is as essential as desks and chairs – so much so that most workers are expected to know their way around it before they even get in the door. Whether you need an introduction, a brush-up or a level-up to your knowledge of these tools, […]
Speed reading isn’t just an innate skill possessed by a lucky few. Anyone can learn to speed read, and the benefits are endless. The brain can process more information than most people have time to soak up, but you can make that time now with the 2018 Award-Winning Speed Reading Bundle. The first half of […]