Malware going by the name of BASHLITE has been created to cause a DDoS (Denial of Service) type of attacks by taking advantage of IoT devices, researchers report. This is not the first IoT malware that has been detected, but researchers are concerned that this type of viruses are becoming a new trend in malware.
Level 3 Threat Research Labs team has created a report on a malware family known as BASHLIKE which has botnet capabilities. This malware has modules which are created mainly to distribute DDoS type of attacks which use flooding and other techniques to render devices unusable by crashing them.
Other names of the malware family are Lizkebab, Torlus and Gafgyt and it was first detected back in 2015. Since many of the devices are running different variations via Linux’s source code, the malware has been programmed to attack them and gain root privileges. This makes the virus very suitable for taking advantage of devices in the IoT.
And the botnet is not a small one too – it managed to reach up to a million devices that it infected, big part of which were employed in the internet of things.
Furthermore, in their report, researchers of Level 3 have also stated that the attacks are organized and targeted, instead of being performed by lone wolf hackers. Malware grous such as Lizard Squad and Poodle Corp have recently been usng botnets to adjust and perform DDoS attacks on IoT devices of various character. The main issue according to the experts at Level 3’s expertise was that many of those IoT devices, like street cameras and others were primarily deployed with their default user names as well as passwords and IP addresses. This allows for an attacker to easily gain access to the device, by simply searching for the default credentials in it’s user manual online.
When a certain hacker has gained access to the device, he or she may execute privileged commends and install the bots. The hackers can also experiment with different malwares and see which one will be successful for the type of distribution of Linux the device is running.
Once everything is in place, the hackers become the ones in power, they can disable cameras and cause a flood attack which is basically sending many empty packets via the UDP and TCP protocols and render the device temporary unusable. And as IoT is becoming more and more common, more and more IT professionals become worried that more and more sophisticated malware for IoT will hit the web. This is the primary reason why many have formed Facebook groups and Twitter channels to warn of the dangers of IoT.