An aggressive malware dubbed Silex bricker bot, allegedly developed by a 14-year-old who calls himself Light Leafon, has been crushing IoT devices since its detection yesterday. The worm bricked more than 2,000 devices in only four hours yesterday, writes ZDNet.
According to the publication, the number rose to 2,000 from 350 in just one hour.
Akamai researcher Larry Cashdollar, who discovered the malware, says Silex uses known default credentials to infiltrate the system and then destroy it. Silex will also destroy Linux servers if they have weak security or Telnet ports open.
Silex deletes firewall rules, and messes with network configuration and storage to eventually wipe out the device’s firmware. It reminds experts of BrickerBot malware that permanently destroyed some 10 million devices in 2017.
So, Silex is targeting pretty much any UNIX like OS with default login credentials. Doesn't matter if it's an ARM-based DVR or an x64 bit system running Redhat Enterprise if your login is root:password it could wreck your system.
— Larry W. Cashdollar of house Moderna (@_larry0) June 25, 2019
This is the second malware released by the hacker, who last month leaked the HITO IoT botnet that similarly targeted vulnerable IoT devices. According to ZDNet’s interview with the hacker, he plans on adding destructive features to the malware such as logging into devices via SSH or incorporating exploits.
“It will be reworked to have the original BrickerBot functionality,” Light told ZDNet.
“My friend Skiddy and I are going to rework the whole bot,” Light said. “It is going to target every single publicly known exploit that Mirai or Qbot load.”
The attacks were executed from servers in Iran.
Light did not explain the motives behind the actions, but said it started as a joke and that attacks will intensify.
tags
After having addressed topics such as NFC, startups, and tech innovation, she has now shifted focus to internet security, with a keen interest in smart homes and IoT threats.
View all postsDecember 19, 2024
November 14, 2024