Windows Helping the Spread of IoT Malware

Dr.Web, a cyber security firm, has found a Windows trojan that helps spread the infamous Mirai botnet across IoT (Internet of Things) devices. The newly found trojan targets Windows systems, and once installed, the trojan scans the network for connected IoT devices. If it finds a vulnerable device, it compromises the device and uses it in later attacks. Last year in October, Mirai brought down a huge chunk of the Internet by launching a DDoS (Distributed Denial of Service) attack on the Dyn managed DNS service.

The Windows trojan doesn't stop at compromising IoT devices; it also spreads to other Windows devices so that it can find and exploit more IoT devices.

Researchers noted that the malware could also identify and compromise database services running on various ports, including MySQL and Microsoft SQL, to create a new admin account, "phpminds", with the password "phpgodwith", allowing attackers to steal the database. At this time, it's not known who created this trojan, but the attack design demonstrates that IoT devices that are not directly accessible from the Internet can also get hacked to join the Mirai botnet army.

IoT devices are already vulnerable to infection, so why are malware writers targeting Windows? Primarily because Windows still dominates the market and it gives the malware writers another platform to spread the botnet.

This is not the only security hole plaguing Microsoft's products. Earlier, Google disclosed flaws in Microsoft's GDI library that affect every Windows version all the way back to Windows Vista. Another unpatched flaw affects the SMB protocol, allowing attackers to crash the system.

More Online

Linux Magazine

Off the Beat * Bruce Byfield

LibreOffice Drops Type 1 Font Support

Should decisions about free software be determined by the needs of developers or users?

Reglue Needs Your Support

Forget, for a moment, how open source seems to be the solution to business problems. Instead, return to basics and think of how free software helps to provide computers for the impoverished, and to reduce technological waste by extending the useful life of older hardware.

NTPsec: The Wrong Fork for the Wrong Reasons

Forks – the splitting of one project from another – are a natural part of free software. They are implicit in the Free Software Foundation's Four Freedoms, and I would no more attempt to deny the right of a fork to exist than I would attempt to insist that everyone use one Linux distribution or desktop environment.


Hierarchical Data Storage for HPC

Jeff Layton

I/O can be a very important part of any application. All applications need to read data and write data at some point with the possibility of huge amounts of both.

Modern Fortran for Today and Tomorrow

Jeff Layton

Fortran 90 took Fortran 77 from the dark ages by giving it new features that developers had wanted for many years and by deprecating old features – but this was only the start.

ADMIN Online

Halting the Ransomware Blackmail Wave

Thomas Gronenwald

In the tsunami of ransomware infections this year, the Locky encryption trojan is a high-water mark.

Setting Up MariaDB Replication with the Help of XtraBackup * Susanne Holzgraefe

If your database is so important that the content must not be lost between periodic data backups, replication is a possible solution.
