Cybercrooks target IoT devices to mine Bitcoins
Posted on 03 April 2014.
The results of a recent investigation by SANS ISC CTO Johannes Ullrich are in: cybercriminals have been targeting a variety of Internet-of-Things devices and infecting them with Bitcoin-mining malware.


"Last week, we reported that some of the hosts scanning for port 5000 are DVRs (to be more precise: Hikvision DVRs, commonly used to record video from surveillance cameras)," Ullrich noted on Monday. "The compromise of the DVR likely happened via an exposed telnet port and a default root password (12345)."

They recovered the malware responsible for the attacks and, after analyzing it, found out that it is an ARM binary (i.e. designed to run on ARM infrastructure), that Hikvision DVRs are not the only devices that get infected, and that the malware scans for Synology devices exposed on port 5000.

So far, it seems that this piece of malware is only interested in testing whether the Synology Diskstations in question sport a specific vulnerability - the actual exploit will likely be delivered at a later date.

In the meantime, Ullrich also discovered a Bitcoin miner on the DVR that sparked the investigation, so it seems that the attackers are also interested in trying to earn themselves a few crypto coins in the meantime.

But, as many have already pointed out, these devices and their chips are pretty useless when it comes to mining crypto currencies, as they don't have enough power to do the calculations necessary at any meaningful volume. Still, the mining malware is still a burden on the infected devices.









Spotlight

Leveraging network intelligence and deep packet inspection

Posted on 26 November 2014.  |  Tomer Saban, CEO of WireX Systems, talks about how deep packet inspection helps with identifying emerging threats, the role of network intelligence, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Nov 28th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //