Your Web News in One Place

Help Webnuz

Referal links:

Sign up for GreenGeeks web hosting
June 25, 2019 08:55 pm PDT

An 14-year-old's Internet-of-Things worm is bricking shitty devices by the thousands

A hacker calling themself Light Leafon who claims to be a 14-year-old is responsible for a new IoT worm called Silex that targets any Unix-like system by attempting a login with default credentials; upon gaining access, the malware enumerates all mounted disks and writes to them from /dev/random until they are filled, then it deletes the devices' firewall rules and removes its network config and triggers a restart -- this effectively bricks the device, rendering it useless until someone performs the complex dance needed to download and reinstall the device's firmware.

The worm has taken down at least 2,000 devices since it appeared earlier today, and is indiscriminate enough that it could take down GNU/Linux servers that were badly configured. At least some of the worm's instances have been served from novinvps.com, which is based in Iran. Ankit Anubhav from NewSky Security told Zdnet that he made contact with the worm's author, "Light Leafon," who claimed to be 14 years old. Anubhav had already contacted Leafon earlier, when Leafon released a precursor to Silex called HITO that attacked IoT devices last month. Anubhav calls Leafon "one of the most prominent and talented IoT threat actors at the moment."

Last year, an IoT worm called Brickerbot swept the internet, and its author claims that it disabled 10,000,000 IoT devices in the process.

The teenager said he plans to develop the malware further and add even more destructive functions.

"It will be reworked to have the original BrickerBot functionality," Light told Anubhav and ZDNet.

Read the rest


Original Link: http://feeds.boingboing.net/~r/boingboing/iBag/~3/W-zWzfooyUU/teenaged-kicks.html

Share this article:    Share on Facebook
View Full Article