“I think malware is a significant threat because the mitigation, like antivirus software, hasn’t evolved to a point to mitigate the risk to a reasonable degree.” Kevin Mitnick Researchers say, they have discovered a new malware specifically designed to infect and devices. And the malware is developed by Chinese which is attacking a device whose SSH ports are open. IoT Linux and found this new malware named Kaiji. This malware is programmed by using GO language from scratch, not using any pre-existing malware. This malware is called rare because it was developed from the very beginning and secondly, there are already C and C++ projects are available on the internet and GitHub that could be used to perform the DDOS attack. There are very few IOT malware authors that waste their time in developing the malware from scratch. Intezar +MalwareMustDie Paul Litvak, malware analyst at Intezar lab, said, it is rare for a malware to be written from scratch. He also said, it is easier to develop a program in the Go language than in C/C++. And often it is easier to create a new program than to change the existing one. It is also said that, Kaiji is not only exploiting unpatched flaws but also spreading by attacking any public SSH server which allows password-based SSH . This malware brute force the root user which is usually a combination of username and password. And once the root user is compromised, then there is no problem in using the whole system. authentication An example of this would be when we download any flavor of Kali Linux, so it comes with the default username and password such as root/toor which we don’t bother to change and make mistakes. The problem with IoT devices is the same that they use default user and password for SSH authentication which is easily brute force through kaiji at first attempt. Intezar team said that when the attack is successful, so the malware executes a bash script that creates a new directory in the lib folder and a final package gets installed with any authentic name such as netstat, etc. According to researchers, there are many different routines present within the malware that performing tasks differently. And one of the tools, demo, is an incomplete one that invokes the malware after a short period which increases the uses of RAM and crashes the memory. As well as, its main control and command server start rebooting frequently which leaves the infected devices behind without any master server and other botnets start hijacking those devices. From all these signs, the researchers understood that kaiji is still under development malware. It is an IoT botnet that is under development but still making a huge impact on the world. IoT malware authors preferring to use modern languages such as GO, to create the malware. So, start using brute-force protections like Bitdefender IoT Security Platform and start changing your default passwords into the strong ones, to stay safe and secure. “A minimum precaution: keep your anti-malware protection up to date and install security updates for all your software as soon as they arrive.” — Barton Gellman

Different

Keep

 Writer By Day and a Reader By Night.

Read My Stories

Too Long; Didn't Read

CTA: Download the FREE AI Productivity Shift report

Newest Malware from China

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

Untitled Story

108 Stories To Learn About Cybersecurity Tips

10 Ways to Mitigate Cybersecurity Risks and Prevent Data Theft

10 Tips For Securing Zoom Meetings

10 Things I Did To Increase CloudTrail Logs Security

10 Steps to Ensuring Cyber Security for a Small Business

108 Stories To Learn About Cybersecurity Tips

10 Ways to Mitigate Cybersecurity Risks and Prevent Data Theft

10 Tips For Securing Zoom Meetings

10 Things I Did To Increase CloudTrail Logs Security

10 Steps to Ensuring Cyber Security for a Small Business

Light-Mode

Classic

Newspaper

Dark-Mode

Neon Noir

Minty

HN StartUps