Windows Helping the Spread of IoT Malware

By

IoT devices remain low hanging fruit for cybercriminals.

Dr.Web, a cyber security firm, has found a Windows Trojan that helps spread the infamous Mirai botnet across IoT (Internet of Things) devices. The newly found trojan targets Windows systems, and once installed, the trojan scans the network for connected IoT devices. If it finds a vulnerable device, it compromises the device and uses it in later attacks. Last year in October, Mirai brought down a huge chunk of the Internet by launching a DDoS (Distributed Denial of Service) attack on the Dyn managed DNS service.

The Windows trojan doesn’t stop at compromising the IoT devices; it continues to spread itself to other Windows devices to further find and exploit more IoT devices.

Researchers noted that the malware could also identify and compromise database services running on various ports, including MySQL and Microsoft SQL, to create a new admin phpminds with the password phpgodwith , allowing attackers to steal the database. At this time, it’s not known who created this trojan, but the attack design demonstrates that IoT devices that are not directly accessible from the Internet can also get hacked to join the Mirai botnet army.

IoT devices are already vulnerable to infection, so why are malware writers targeting Windows? Primarily because Windows still dominates the market and it gives the malware writers another platform to spread the botnet.

02/15/2017
Windows Helping the Spread of IoT Malware
comments powered by Disqus
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs



Support Our Work

ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.